Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionNVD
Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally.
AnalysisAI
Use-after-free in the Windows Network Controller (NC) Host Agent enables a locally authenticated attacker to crash the service, resulting in a denial of service on affected Windows Server deployments. The vulnerability carries a CVSS score of 5.5 (Medium) with local attack vector and low-privilege requirements, limiting its blast radius to service availability - confidentiality and integrity are unaffected. No public exploit code exists and CISA KEV listing is absent at time of analysis, though a vendor patch from Microsoft is available and should be prioritized on Windows Server deployments leveraging Software Defined Networking.
Technical ContextAI
CWE-416 (Use After Free) describes a memory safety flaw where a program continues to reference memory after it has been freed, potentially allowing attackers to influence program execution or, in this case, cause a crash. The affected component, the Windows Network Controller Host Agent, is a Windows Server service that forms part of Microsoft's Software Defined Networking (SDN) stack - it facilitates communication between the Network Controller and Hyper-V hosts in virtualized datacenter environments. The CVSS vector (AV:L/AC:L/PR:L/UI:N) indicates the flaw is reachable locally with standard user privileges and requires no user interaction, consistent with a locally triggerable memory corruption in a privileged service process.
RemediationAI
Microsoft has released patches addressing this vulnerability. Administrators should update to the following fixed builds or later: Windows Server 2019 to 10.0.17763.8880 or above, Windows Server 2022 to 10.0.20348.5256 or above, and Windows Server 2025 to 10.0.26100.32995 or above. Patches should be applied via Windows Update or WSUS per standard Microsoft update guidance, with full details in the MSRC advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44805. If immediate patching is not feasible in environments not actively using SDN/Network Controller functionality, disabling or stopping the NC Host Agent service is a targeted compensating control; note this will disrupt SDN policy enforcement on Hyper-V hosts connected to a Network Controller fabric. No other vendor-documented workarounds are confirmed at time of analysis.
Same weakness CWE-416 – Use After Free
View allSame technique Use After Free
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-35746
GHSA-hr83-xf6f-c3j7