CVE-2026-45606
Undergoing Analysis Undergoing Analysis - In Progress
Out-of-Bounds Read in Microsoft UxTheme Library

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: Microsoft Corporation

Description
Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to deny service locally.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-10
AI Q&A
2026-06-09
EPSS Evaluated
N/A
NVD
CVE-2026-45606
EUVD
EUVD-2026-35685
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
microsoft uxtheme *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an out-of-bounds read in the Microsoft UxTheme Library (uxtheme.dll). It allows an authorized attacker to cause a denial of service on the affected system locally.

Impact Analysis

The impact of this vulnerability is a denial of service, which means an attacker with local authorization can cause the affected system or service to become unavailable or crash.

Compliance Impact

This vulnerability allows an authorized attacker to cause a local denial of service through an out-of-bounds read in the Microsoft UxTheme Library (uxtheme.dll).

Since the vulnerability does not impact confidentiality or integrity of data (CVSS indicates no impact on confidentiality or integrity), it is unlikely to directly affect compliance with data protection standards such as GDPR or HIPAA, which primarily focus on protecting personal data privacy and integrity.

However, denial of service could affect availability, which is a component of these standards, so organizations should consider the potential impact on system availability and ensure appropriate mitigations are in place.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45606. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart