CVE-2026-42896
High
Published: 12 May 2026
Published
12 May 2026
Modified
12 May 2026
KEV Added
—
Patch
—
CVSS Score
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
N/A
Risk Priority
16
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2026-42896 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability. Its CVSS base score is 7.8 (High).
Operationally, it is not currently listed in the CISA KEV catalog.
NVD Description
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Deeper analysisAI
Automated synthesis unavailable for this CVE.
Details
- CWE(s)