Primary

Context

Microsoft Windows Hyper-V Out-of-Bounds Read Vulnerability Leading to Local Remote Code Execution

Vulnerability

Patched

A vulnerability allowing out-of-bounds read has been identified in Windows Hyper-V. This issue could enable an unauthorized attacker to execute code locally. The vulnerability affects multiple versions of Windows 10, Windows 11, Windows Server 2022, and Windows Server 2025. Exploitation would require an authenticated attacker on a guest virtual machine to send specially crafted file operation requests that could result in remote code execution on the host server.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution on the local host machine.

Remediation

Users can download the security update for this vulnerability via the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5095051, KB5094125, KB5094126, KB5093998, KB5094127, and KB5094128.

Added: Jun 10, 2026, 1:40 AM

Updated: Jun 10, 2026, 1:40 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

10.0

exploitability

2.7

remediation

7.7

relevance

9.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

10.0

exploitability

2.7

remediation

7.7

relevance

9.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Windows Hyper-V Out-of-Bounds Read Vulnerability Leading to Local Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

Microsoft Windows 11

Microsoft Windows Server 2025

Microsoft Windows 10

Microsoft Windows Server 2022

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating