Skip to main content

Windows Win32K EUVDEUVD-2026-35758

| CVE-2026-44803 HIGH
Integer Overflow or Wraparound (CWE-190)
2026-06-09 secure@microsoft.com GHSA-9978-hjf6-vg85
High
Disputed · 7.8 Vendor: microsoft
Temporal: 6.8
Share

Severity by source

Sources disagree (Medium–Critical)
Vendor (microsoft) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
ENISA EUVD
CRITICAL
qualitative
CIRCL (temporal)
6.8 MEDIUM
cvss

vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Patch available
Jun 09, 2026 - 19:03 EUVD
Analysis Generated
Jun 09, 2026 - 18:48 vuln.today
CVE Published
Jun 09, 2026 - 17:17 nvd
HIGH 7.8

DescriptionCVE.org

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

AnalysisAI

Local code execution in the Windows Win32K GRFX (graphics) subsystem allows an unauthorized attacker with the ability to run code locally to escalate privileges through an integer overflow. The flaw was reported by Microsoft (MSRC) and carries a CVSS 7.8, but requires user interaction (UI:R) and local access (AV:L), and no public exploit identified at time of analysis.

Technical ContextAI

Win32K is the kernel-mode component of Windows that implements the windowing system, USER and GDI services; the GRFX (graphics) sub-component handles font, glyph, bitmap and other graphics primitives. CWE-190 (Integer Overflow or Wraparound) indicates that an arithmetic calculation - likely a size, offset, or length used during graphics object processing - wraps past its maximum representable value, producing an undersized allocation or out-of-bounds index that the surrounding code subsequently trusts. Because Win32K runs in the kernel, a successful overflow that corrupts memory can be leveraged into kernel-mode code execution, which is consistent with the 'Microsoft' / 'Buffer Overflow' / 'Integer Overflow' tags and the Confidentiality/Integrity/Availability = High CVSS impacts.

RemediationAI

Apply the Microsoft security update for CVE-2026-44803 from the MSRC update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44803 - patch available per vendor advisory, though a specific fix build number was not provided in the input data and should be read directly from the advisory's 'Security Updates' table for each affected Windows SKU. Until patching, compensating controls should focus on reducing exposure of the Win32K GRFX path: restrict execution of untrusted binaries and documents on affected hosts via AppLocker/WDAC (side effect: may block legitimate user-installed tools), enable Win32k system call filtering / Win32k lockdown for processes that support it such as browser renderers (side effect: incompatible with some legacy graphics-heavy apps), and prevent low-privileged or guest accounts from running arbitrary code interactively (side effect: impacts shared workstation use cases). Standard endpoint detection on suspicious kernel exploit primitives (token-stealing, GDI object spraying) is also advisable as a detective control.

More in Excel

View all
CVE-2015-0097 CRITICAL POC
9.3 Mar 11

Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 all

CVE-2015-2523 CRITICAL POC
9.3 Sep 09

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compati

CVE-2013-1315 CRITICAL POC
9.3 Sep 11

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 S

CVE-2015-2521 CRITICAL POC
9.3 Sep 09

Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to exec

CVE-2015-2520 CRITICAL POC
9.3 Sep 09

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer a

CVE-2012-2543 CRITICAL
9.3 Nov 14

Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Off

CVE-2012-1885 CRITICAL
9.3 Nov 14

Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; an

CVE-2013-3889 CRITICAL
9.3 Oct 09

Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Off

CVE-2012-0185 CRITICAL
9.3 May 09

Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 Gold and SP1, Excel Viewer, and Office Compatibi

CVE-2012-1847 CRITICAL
9.3 May 09

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Offic

CVE-2012-1886 CRITICAL
9.3 Nov 14

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow

CVE-2012-0142 CRITICAL
9.3 May 09

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compati

Share

EUVD-2026-35758 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy