Skip to main content

Microsoft CVE-2026-32080

| EUVDEUVD-2026-22512 HIGH
Use After Free (CWE-416)
2026-04-14 microsoft GHSA-39cm-frwr-45jg
7.0
CVSS 3.1 · NVD
Temporal: 6.1
Share

Severity by source

NVD PRIMARY
7.0 HIGH
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CIRCL (temporal)
6.1 MEDIUM
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Re-analysis Queued
Apr 17, 2026 - 15:22 vuln.today
cvss_changed
Analysis Generated
Apr 14, 2026 - 19:32 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22512
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:58 nvd
HIGH 7.0

DescriptionCVE.org

Use after free in Windows WalletService allows an authorized attacker to elevate privileges locally.

AnalysisAI

Local privilege escalation in Microsoft Windows WalletService across Server 2016 through Server 2025 allows low-privileged authenticated attackers to gain SYSTEM-level access by exploiting a use-after-free memory corruption flaw. Attack complexity is high (CVSS AC:H), requiring precise timing or race condition exploitation. Patch available per vendor advisory (MSRC). No public exploit identified at time of analysis, EPSS data not provided.

Technical ContextAI

CWE-416 use-after-free vulnerabilities occur when a program continues to use a memory pointer after the memory has been freed, leading to memory corruption. In WalletService-a Windows component handling payment credential storage and secure transactions-this flaw allows manipulation of freed memory to corrupt program state. Affects Windows Server 2016 (build 10.0.14393.0 to <10.0.14393.9060), Server 2019 (10.0.17763.0 to <10.0.17763.8644), Server 2022 (10.0.20348.0 to <10.0.20348.5020 and 23H2 10.0.25398.0 to <10.0.25398.2274), and Server 2025 (10.0.26100.0 to <10.0.26100.32690), including Server Core installations. The local attack vector (AV:L) combined with high attack complexity suggests exploitation requires detailed system knowledge, precise timing of memory operations, or winning a race condition between free and reuse operations.

RemediationAI

Apply Microsoft security updates immediately to patch the WalletService use-after-free vulnerability. Fixed versions: Windows Server 2016 update to 10.0.14393.9060 or later, Windows Server 2019 update to 10.0.17763.8644 or later, Windows Server 2022 update to 10.0.20348.5020 or later, Windows Server 2022 23H2 Edition update to 10.0.25398.2274 or later, and Windows Server 2025 update to 10.0.26100.32690 or later. Deploy patches through Windows Update, WSUS, or Microsoft Update Catalog following standard change management procedures. Consult the official Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32080 for detailed update packages and installation guidance. No workarounds identified; patching is the only effective mitigation. Prioritize servers with Remote Desktop access or multiple local users, then proceed to isolated infrastructure.

Share

CVE-2026-32080 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy