Severity by source
Sources disagree (Medium–Critical)AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
AnalysisAI
Local code execution in the Windows Win32K GRFX (graphics) subsystem allows an unauthorized attacker with the ability to run code locally to escalate privileges through an integer overflow. The flaw was reported by Microsoft (MSRC) and carries a CVSS 7.8, but requires user interaction (UI:R) and local access (AV:L), and no public exploit identified at time of analysis.
Technical ContextAI
Win32K is the kernel-mode component of Windows that implements the windowing system, USER and GDI services; the GRFX (graphics) sub-component handles font, glyph, bitmap and other graphics primitives. CWE-190 (Integer Overflow or Wraparound) indicates that an arithmetic calculation - likely a size, offset, or length used during graphics object processing - wraps past its maximum representable value, producing an undersized allocation or out-of-bounds index that the surrounding code subsequently trusts. Because Win32K runs in the kernel, a successful overflow that corrupts memory can be leveraged into kernel-mode code execution, which is consistent with the 'Microsoft' / 'Buffer Overflow' / 'Integer Overflow' tags and the Confidentiality/Integrity/Availability = High CVSS impacts.
RemediationAI
Apply the Microsoft security update for CVE-2026-44803 from the MSRC update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44803 - patch available per vendor advisory, though a specific fix build number was not provided in the input data and should be read directly from the advisory's 'Security Updates' table for each affected Windows SKU. Until patching, compensating controls should focus on reducing exposure of the Win32K GRFX path: restrict execution of untrusted binaries and documents on affected hosts via AppLocker/WDAC (side effect: may block legitimate user-installed tools), enable Win32k system call filtering / Win32k lockdown for processes that support it such as browser renderers (side effect: incompatible with some legacy graphics-heavy apps), and prevent low-privileged or guest accounts from running arbitrary code interactively (side effect: impacts shared workstation use cases). Standard endpoint detection on suspicious kernel exploit primitives (token-stealing, GDI object spraying) is also advisable as a detective control.
Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 all
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compati
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 S
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to exec
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer a
Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Off
Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; an
Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Off
Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 Gold and SP1, Excel Viewer, and Office Compatibi
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Offic
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compati
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Integer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-35758
GHSA-9978-hjf6-vg85