Is Windows Server 2012 affected by EUVD-2026-22376?

Windows Server Update Service (WSUS) contains a network-accessible denial of service vulnerability (CVE-2026-26154) affecting all supported Windows Server versions that can be exploited without authentication, potentially disrupting patch management infrastructure and server availability across…

EUVD-2026-22376

| CVE-2026-26154 HIGH

2026-04-14 microsoft

Authentication Bypass Microsoft Windows Server 2012 Windows Server 2012 Server Core Installation Windows Server 2012 R2 Windows Server 2012 R2 Server Core Installation Windows Server 2016 Windows Server 2016 Server Core Installation Windows Server 2019 Windows Server 2019 Server Core Installation Windows Server 2022 Windows Server 2022 23H2 Edition Server Core Installation Windows Server 2025 Windows Server 2025 Server Core Installation

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 14, 2026 - 19:12 vuln.today

DescriptionNVD

Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.

AnalysisAI

Windows Server Update Service (WSUS) fails to properly validate network inputs, allowing unauthenticated remote attackers to cause denial of service across all Windows Server versions from 2012 through 2025. The vulnerability (CVSS 7.5) enables network-based tampering with high availability impact (AV:N/AC:L/PR:N/UI:N/A:H), though confidentiality and integrity remain unaffected. …

RemediationAI

Within 24 hours: Inventory all WSUS servers and confirm network exposure status (prioritize internet-facing instances). Within 7 days: Apply vendor-released patch to all WSUS deployments; test in non-production environment first. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-22376 vulnerability details – vuln.today

Back

EUVD-2026-22376

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code