CVE-2026-45636

HIGH WAF: Medium

CVSS 7.8 Published: 2026-06-09

CWE-20

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

WAF Coverage Analysis

Improper Input Validation Medium WAF Coverage

OWASP: A03:2021 Injection

920xxx - Protocol Enforcement 941xxx - XSS / XXE 942xxx - SQL Injection

Affected Software

Vendor	Product	Version
microsoft	windows_10_1607	up to 10.0.14393.9234
microsoft	windows_10_1607	up to 10.0.14393.9234
microsoft	windows_10_1809	up to 10.0.17763.8880
microsoft	windows_10_1809	up to 10.0.17763.8880
microsoft	windows_10_21h2	up to 10.0.19044.7417
microsoft	windows_10_21h2	up to 10.0.19044.7417
microsoft	windows_10_21h2	up to 10.0.19044.7417
microsoft	windows_10_22h2	up to 10.0.19045.7417
microsoft	windows_10_22h2	up to 10.0.19045.7417
microsoft	windows_10_22h2	up to 10.0.19045.7417

References

msrc.microsoft.com (Vendor Advisory)

Back to CVE Database