Severity by source
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Network-delivered content with required victim interaction (UI:R) and non-deterministic memory-corruption conditions (AC:H), no auth needed (PR:N), yielding full code-execution impact (C/I/A:H).
Primary rating from Vendor (microsoft).
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionNVD
Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code over a network.
AnalysisAI
Remote code execution in Microsoft Windows Terminal allows an unauthenticated attacker to run arbitrary code by tricking a user into interacting with malicious content that triggers an integer overflow (CWE-190). The flaw carries a CVSS 7.5 rating driven by high complexity and required user interaction; no public exploit has been identified at time of analysis, and it is not listed in CISA KEV. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires user interaction (UI:R) - a victim must open or interact with attacker-crafted content inside Windows Terminal that triggers the integer overflow - and requires overcoming high attack complexity (AC:H), meaning success depends on conditions outside the attacker's full control such as memory layout or timing. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) scores 7.5 (High) with full confidentiality, integrity, and availability impact, but two metrics materially reduce real-world urgency: high attack complexity (AC:H) implies conditions the attacker does not fully control (e.g., winning a race or defeating memory-layout mitigations like ASLR), and required user interaction (UI:R) means a victim must open or interact with attacker-supplied content. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts malicious content designed to trigger the integer overflow when processed by Windows Terminal and delivers it over the network (for example via a file, link, or remotely rendered data). A user opens or interacts with the content in Windows Terminal, the overflow corrupts memory, and the attacker gains arbitrary code execution in the user's context. … |
| Remediation | Patch available per vendor advisory: update Windows Terminal to the fixed version listed in Microsoft's Security Update Guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59117 - the exact fixed build is not included in the provided input and should be taken from that advisory. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, create an inventory of systems running Microsoft Windows Terminal and prioritize developer workstations and administrative machines for remediation. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Integer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-45059
GHSA-g52r-hw2c-c98r