CVE-2026-40397
High
Published: 12 May 2026
Published
12 May 2026
Modified
12 May 2026
KEV Added
—
Patch
—
CVSS Score
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
N/A
Risk Priority
16
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2026-40397 is a high-severity Wrap or Wraparound (CWE-191) vulnerability. Its CVSS base score is 7.8 (High).
Operationally, it is not currently listed in the CISA KEV catalog.
NVD Description
Integer underflow (wrap or wraparound) in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Deeper analysisAI
Automated synthesis unavailable for this CVE.
Details
- CWE(s)