Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionCVE.org
Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.
AnalysisAI
Heap-based buffer overflow in Windows Hyper-V enables local code execution with high impact across Windows 10, Windows 11, and Windows Server environments. An unauthenticated attacker with local access can trigger the vulnerability through user interaction (CVSS:3.1 AV:L/AC:L/PR:N/UI:R), achieving full system compromise (C:H/I:H/A:H). Microsoft has released patches addressing 17 affected Windows versions ranging from legacy Windows 10 1607 through Windows 11 26H1 and Windows Server 2025. No publ
Technical ContextAI
This vulnerability (CWE-122: Heap-based Buffer Overflow) resides in the Windows Hyper-V hypervisor, Microsoft's Type-1 virtualization platform that provides hardware-level isolation for virtual machines. Heap-based buffer overflows occur when a program writes data beyond the allocated memory boundary in the heap, potentially corrupting adjacent memory structures and enabling control-flow hijacking. In Hyper-V's context, the vulnerability likely exists in guest-to-host communication channels, VM configuration parsing, or resource management routines where untrusted input from virtual machines or local processes interacts with heap-allocated buffers. The CVSS vector PR:N (No Privileges Required) indicates the flaw can be triggered without authenticated system access, though UI:R (User Interaction Required) suggests social engineering or a secondary trigger mechanism is necessary. The affected CPE strings confirm impact across Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (22H3, 23H2, 24H2, 25H2, 26H1), and Windows Server editions (2016, 2019, 2022, 2025) including Server Core installations, indicating the vulnerable code exists in core Hyper-V components shared across these platforms.
RemediationAI
Apply Microsoft security updates immediately to patch the heap buffer overflow in Hyper-V. For Windows 10 Version 1607 and Windows Server 2016, upgrade to build 10.0.14393.9060 or later. For Windows 10 Version 1809 and Windows Server 2019, upgrade to build 10.0.17763.8644 or later. For Windows 10 Version 21H2, upgrade to build 10.0.19044.7184 or later. For Windows 10 Version 22H2, upgrade to build 10.0.19045.7184 or later. For Windows 11 Version 22H3 and 23H2, upgrade to build 10.0.22631.6936 or later. For Windows 11 Version 24H2 and Windows Server 2025, upgrade to build 10.0.26100.32690 or later.
Same weakness CWE-122 – Heap-based Buffer Overflow
View allSame technique Heap Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-22380
GHSA-xgrj-5fxr-f35m