Skip to main content

Minecraft Bedrock Dedicated Server

1 CVEs product

Monthly

CVE-2026-55010 CRITICAL POC PATCH NEWS Exploit Likely Act Now

Remote code execution in Minecraft Bedrock Dedicated Server allows an unauthenticated network attacker to corrupt heap memory and run arbitrary code via a specially crafted packet, per CVSS:3.1/AV:N/AC:L/PR:N/UI:N (9.8 Critical). The flaw (CWE-122 heap-based buffer overflow) was reported by Microsoft, which has released a fix; there is no public exploit identified at time of analysis and no EPSS or CISA KEV data was supplied, so exploitation remains theoretical but the pre-auth, low-complexity profile makes it high-priority to patch.

Heap Overflow Buffer Overflow Minecraft Bedrock Dedicated Server
NVD
CVSS 3.1
9.8
EPSS
0.8%
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Exploit Likely Act Now

Remote code execution in Minecraft Bedrock Dedicated Server allows an unauthenticated network attacker to corrupt heap memory and run arbitrary code via a specially crafted packet, per CVSS:3.1/AV:N/AC:L/PR:N/UI:N (9.8 Critical). The flaw (CWE-122 heap-based buffer overflow) was reported by Microsoft, which has released a fix; there is no public exploit identified at time of analysis and no EPSS or CISA KEV data was supplied, so exploitation remains theoretical but the pre-auth, low-complexity profile makes it high-priority to patch.

Heap Overflow Buffer Overflow Minecraft Bedrock Dedicated Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy