CVE-2026-42915
Awaiting Analysis Awaiting Analysis - Queue
Incorrect Buffer Size Calculation in Windows TCP/IP Allows DoS

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: Microsoft Corporation

Description
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-10
AI Q&A
2026-06-09
EPSS Evaluated
N/A
NVD
CVE-2026-42915
EUVD
EUVD-2026-35727
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
microsoft windows_tcp_ip *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-131 The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is caused by an incorrect calculation of buffer size in the Windows TCP/IP implementation.

It allows an authorized attacker to cause a denial of service (DoS) condition over an adjacent network.

Impact Analysis

The primary impact of this vulnerability is a denial of service (DoS) attack.

An authorized attacker can exploit this flaw to disrupt network services by causing the affected system to become unavailable.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42915. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart