Integer Overflow Vulnerability in Windows Win32K Graphics Component
CVE-2026-44812

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Microsoft Excel For Android
Microsoft Powerpoint For Android
Microsoft Word For Android
Windows 10 Version 1607
Vendor
CVE Published:
9 June 2026

Badges

📰 News Worthy

What is CVE-2026-44812?

A vulnerability exists within the Windows Win32K graphics component, where an integer overflow or wraparound can be exploited by an unauthorized attacker. This flaw allows for the potential execution of arbitrary code locally, which could compromise system integrity and security. Systems running Windows 10 and Windows Server versions prior to specified updates are particularly at risk. Awareness of this vulnerability is crucial for users and organizations to safeguard their infrastructure.

Affected Version(s)

Microsoft Excel for Android 16.0.0.0 < 16.0.20131.20024

Microsoft PowerPoint for Android 16.0.0.0 < 16.0.20131.20024

Microsoft Word for Android 16.0.0.0 < 16.0.20131.20024

News Articles

favicon imageDark Reading

Blame AI: Patch Tuesday Hits Record 206 CVEs

Voluminous patch updates could soon be the norm, as artificial intelligence accelerates the speed and scale of vulnerability discovery.

3 weeks ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisorypatch

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • 📰

    First article discovered by Dark Reading

  • Vulnerability published

  • Vulnerability Reserved

.