CVE-2026-45653

Analyzed Analyzed - Analysis Complete

Use After Free in Windows Kernel Allows Local Privilege Escalation

Publication date: 2026-06-09

Last updated on: 2026-06-11

Assigner: Microsoft Corporation

Description

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-06-09

Last Modified

2026-06-11

Generated

2026-06-30

AI Q&A

2026-06-09

EPSS Evaluated

2026-06-28

NVD

CVE-2026-45653

EUVD

EUVD-2026-35569

Affected Vendors & Products

Vendor	Product	Version / Range
microsoft	windows_server_2012	r2
microsoft	windows_server_2012	*
microsoft	windows_10_1607	to 10.0.14393.9234 (exc)
microsoft	windows_10_1607	to 10.0.14393.9234 (exc)
microsoft	windows_10_1809	to 10.0.17763.8880 (exc)
microsoft	windows_10_1809	to 10.0.17763.8880 (exc)
microsoft	windows_10_21h2	to 10.0.19044.7417 (exc)
microsoft	windows_10_21h2	to 10.0.19044.7417 (exc)
microsoft	windows_10_21h2	to 10.0.19044.7417 (exc)
microsoft	windows_10_22h2	to 10.0.19045.7417 (exc)
microsoft	windows_10_22h2	to 10.0.19045.7417 (exc)
microsoft	windows_10_22h2	to 10.0.19045.7417 (exc)
microsoft	windows_11_23h2	to 10.0.22631.7219 (exc)
microsoft	windows_11_23h2	to 10.0.22631.7219 (exc)
microsoft	windows_11_24h2	to 10.0.26100.8655 (exc)
microsoft	windows_11_24h2	to 10.0.26100.8655 (exc)
microsoft	windows_11_25h2	to 10.0.26200.8655 (exc)
microsoft	windows_11_25h2	to 10.0.26200.8655 (exc)
microsoft	windows_11_26h1	to 10.0.28000.2269 (exc)
microsoft	windows_11_26h1	to 10.0.28000.2269 (exc)
microsoft	windows_server_2016	to 10.0.14393.9234 (exc)
microsoft	windows_server_2019	to 10.0.17763.8880 (exc)
microsoft	windows_server_2022	to 10.0.20348.5256 (exc)
microsoft	windows_server_2025	to 10.0.26100.32995 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-416	The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CWE-122	A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Attack-Flow Graph

Executive Summary

This vulnerability is a use after free issue in the Windows Kernel. It allows an authorized attacker to elevate their privileges locally on the affected system.

Impact Analysis

The vulnerability can impact you by allowing an attacker with local access and some level of authorization to increase their privileges. This means they could gain higher-level permissions than intended, potentially leading to full control over the affected system.

Mitigation Strategies

This vulnerability allows an authorized attacker to elevate privileges locally via a use after free in the Windows Kernel.

To mitigate this vulnerability, it is recommended to apply the security updates provided by Microsoft as soon as they become available.

Ensure that only trusted users have local access to systems, as the attack requires local privileges.

Compliance Impact

This vulnerability allows an authorized attacker to elevate privileges locally by exploiting a use after free in the Windows Kernel.

Elevation of privileges can lead to unauthorized access to sensitive data or system functions, which may impact compliance with standards and regulations such as GDPR and HIPAA that require protection of personal and health information.

However, specific effects on compliance are not detailed in the provided information.

Hi! I’m here to help you understand CVE-2026-45653. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70