{"@odata.context":"https://api.msrc.microsoft.com/sug/v2.0/sugodata/v2.0/en-US/$metadata#vulnerability/$entity","id":"00000000-0000-0000-0000-0000afbae5e8","releaseDate":"2026-06-09T07:00:00-07:00","cveNumber":"CVE-2026-45657","cveTitle":"Windows Kernel Remote Code Execution Vulnerability","releaseNumber":"2026-Jun","vulnType":"Security Vulnerability","latestRevisionDate":"2026-06-09T07:00:00-07:00","description":"<p>Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network.</p>\n","cweList":["CWE-416: Use After Free","CWE-122: Heap-based Buffer Overflow"],"cweDetailsListForSearch":["cwe: CWE-416: Use After Free","cweUrl: https://cwe.mitre.org/data/definitions/416.html","cwe: CWE-122: Heap-based Buffer Overflow","cweUrl: https://cwe.mitre.org/data/definitions/122.html"],"unformattedDescription":"Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network.","mitreText":"CVE-2026-45657","mitreUrl":"https://www.cve.org/CVERecord?id=CVE-2026-45657","publiclyDisclosed":"No","exploited":"No","latestSoftwareReleaseId":2,"latestSoftwareRelease":"Exploitation Less Likely","olderSoftwareReleaseId":0,"denialOfService":"N/A","tag":"Windows Kernel","issuingCna":"Microsoft","issuingCnaId":100000001,"severityId":100000000,"severity":"Critical","impactId":100000005,"impact":"Remote Code Execution","langCode":"en-US","baseScore":"9.8","temporalScore":"8.5","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","vectorStringSource":"Microsoft","isMariner":false,"customerActionRequired":true,"customerActionRequiredId":1,"cweDetailsList":[{"keys":["cwe","cweUrl"],"values":["CWE-416: Use After Free","https://cwe.mitre.org/data/definitions/416.html"]},{"keys":["cwe","cweUrl"],"values":["CWE-122: Heap-based Buffer Overflow","https://cwe.mitre.org/data/definitions/122.html"]}],"articles":[{"title":"Windows Kernel Remote Code Execution Vulnerability","articleType":"100000000","description":"<p>Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network.</p>\n","ordinal":10000},{"articleType":"FAQ","description":"<p><strong>How could an attacker exploit the vulnerability?</strong></p>\n<p>An attacker could exploit this vulnerability by sending specially crafted network traffic to a vulnerable Windows system. If successful, the malicious network packets could trigger a flaw in how the Windows kernel processes certain TCP/IP data, potentially allowing the attacker to run code with system-level privileges without needing to sign in or interact with a user.</p>\n","ordinal":10000}],"revisions":[{"cveNumber":"CVE-2026-45657","version":1,"revisionDate":"2026-06-09T07:00:00-07:00","initialDate":"0001-01-01T00:00:00Z","description":"<p>Information published.</p>\n","unformattedDescription":"Information published.","notificationNeeded":false,"notificationSent":false,"sourceId":"e57322e8-3855-f111-939e-000d3ac5fb71"}]}