Microsoft Remote Desktop Client CVE-2026-44799

EUVD-2026-35750 · HIGH
Heap-based Buffer Overflow (CWE-122)
2026-06-09 · secure@microsoft.com · GHSA-crj8-fmhj-6r4h
CVSS 3.1 (NVD): 7.5
Temporal: 6.5

Severity by source

NVD (primary): 7.5 HIGH, AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CIRCL (temporal): 6.5 MEDIUM

Primary rating from NVD.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Patch available: Jun 09, 2026 - 19:03 (EUVD)
Analysis Generated: Jun 09, 2026 - 18:47 (vuln.today)

Description (NVD)

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Analysis (AI)

Remote code execution in Microsoft Remote Desktop Client arises from a heap-based buffer overflow (CWE-122) that an unauthenticated network attacker can trigger when a victim connects to or interacts with a malicious server. Microsoft (secure@microsoft.com) is the originating reporter and has published an advisory in the MSRC update guide, with no public exploit identified at time of analysis. …

Attack Chain (AI, derived)

Hypothetical attack flow derived from CVE metadata

Recon: Stand up malicious RDP server
Delivery: Phish user with .rdp lure
Exploit: Victim connects to attacker host
Install: Send crafted RDP response
C2: Overflow heap in client parser
Execute: Hijack control flow, execute code
Impact: Establish foothold on workstation

Vulnerability Assessment (AI)

Exploitation: The victim must initiate or accept an RDP connection from the Microsoft Remote Desktop Client to an attacker-controlled or attacker-influenced RDP server (UI:R), so a purely passive client on the network is not exposed. …

Risk Assessment: Signals point to a meaningful but not top-tier priority. …

Exploit Scenario: An attacker stands up a malicious RDP server and lures a target - via phishing link, .rdp file attachment, watering-hole, or rogue Wi-Fi captive portal - to connect with the Windows Remote Desktop Client. During session negotiation or virtual-channel data exchange, the malicious server returns a crafted message that overflows a heap buffer in the client, achieving code execution in the user's context on the victim workstation. …

Remediation: Apply the Microsoft security update for CVE-2026-44799 as listed in the MSRC update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44799; patch available per vendor advisory, but a specific fixed build is not included in the provided data and must be read from that advisory and the associated monthly cumulative update for each affected Windows release. …

Recommended Action (AI)

24 hours: Inventory all RDP deployments by criticality level, disable Remote Desktop on non-essential systems, and alert remote workers to avoid connecting to untrusted servers. …
