What is the CVSS score of EUVD-2026-35587?

EUVD-2026-35587 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Windows Media are affected by EUVD-2026-35587?

A high-severity vulnerability in Microsoft Windows Media (CVE-2026-48574, CVSS 7.8) allows attackers with local access to execute code by distributing crafted media files to end users, posing…. A patch is available.

How to fix or mitigate EUVD-2026-35587?

Within 24 hours: Catalog systems with Windows Media enabled; alert users not to open media files from external or unverified sources; evaluate whether Windows Media is essential for business operations. Within 7 days: Implement mitigations-disable Windows Media autoplay, enforce media player execution policies, and deploy endpoint monitoring for suspicious Windows Media activity. Within 30 days: Establish monitoring for Microsoft patch release; prepare and test deployment procedures for the security update when available; reassess systems that cannot immediately adopt compensating controls.

Windows Media EUVD-2026-35587

| CVE-2026-48574 HIGH

Heap-based Buffer Overflow (CWE-122)

2026-06-09 secure@microsoft.com

GHSA-3c3c-r5gv-pf8w

Heap Overflow Microsoft Buffer Overflow

7.8

CVSS 3.1 · NVD

Temporal: 6.8

Severity by source

NVD PRIMARY

7.8 HIGH

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CIRCL (temporal)

6.8 MEDIUM

cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch available

Jun 09, 2026 - 19:03 EUVD

Analysis Generated

Jun 09, 2026 - 17:47 vuln.today

CVE Published

Jun 09, 2026 - 17:17 nvd

HIGH 7.8

DescriptionCVE.org

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.

AnalysisAI

Local code execution in Microsoft Windows Media is possible through a heap-based buffer overflow that triggers when a user opens or processes a crafted media file. The flaw (CWE-122) carries a CVSS 7.8 with local attack vector and user interaction required, and no public exploit identified at time of analysis. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Craft malicious media file

Delivery

Deliver via email or web download

Exploit

Victim opens file in Windows Media handler

Execution

Trigger heap buffer overflow during parsing

Persist

Hijack control flow via corrupted heap metadata

Impact

Execute arbitrary code as victim user

Access

Craft malicious media file

Delivery

Deliver via email or web download

Exploit

Victim opens file in Windows Media handler

Execution

Trigger heap buffer overflow during parsing

Persist

Hijack control flow via corrupted heap metadata

Impact

Execute arbitrary code as victim user

Vulnerability AssessmentAI

Exploitation	The victim must open or render a maliciously crafted media file using a Windows Media-backed handler - this is the explicit UI:R requirement in the CVSS vector. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	The CVSS 7.8 vector (AV:L/AC:L/PR:N/UI:R) describes a low-complexity local attack requiring no privileges but requiring user interaction - consistent with a file-open or media-render scenario rather than network-reachable exploitation. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker emails a victim a crafted media file (or hosts it on a website the victim is lured to visit) and the victim double-clicks or previews it in a Windows Media-backed handler. Parsing the malformed media stream triggers a heap overflow that corrupts adjacent heap metadata or object pointers, allowing the attacker to execute arbitrary code in the victim's user context. …
Remediation	Apply the Microsoft security update referenced in the MSRC advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48574 as soon as it is released to your servicing channel; exact fixed build numbers must be obtained from that advisory as they are not included in the provided data (patch available per vendor advisory). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Catalog systems with Windows Media enabled; alert users not to open media files from external or unverified sources; evaluate whether Windows Media is essential for business operations. …

Threat intelligence, references, and detailed analysis are available after sign-in.

EUVD-2026-35587 vulnerability details – vuln.today

Back

Windows Media EUVD-2026-35587

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code