Heap-based Buffer Overflow in Windows NTFS by Microsoft
CVE-2026-58640

7.3HIGH

What is CVE-2026-58640?

A heap-based buffer overflow vulnerability in Windows NTFS enables an authorized attacker to execute arbitrary code locally. If successfully exploited, this vulnerability may allow the attacker to gain elevated permissions and execute malicious commands on the affected system. It is essential for users to apply the latest security updates and patches from Microsoft to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.9339

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.9020

Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.7548

References

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.