CVE-2026-23669

Use after free in RPC Runtime allows an authorized attacker to execute code over a network.

Description

Vendor	Product	Versions
microsoft	windows_10_1607	< 10.0.14393.8957, < 10.0.14393.8957, < 10.0.17763.8511, < 10.0.17763.8511, < 10.0.19044.7058, < 10.0.19044.7058, < 10.0.19044.7058, < 10.0.19045.7058, < 10.0.19045.7058, < 10.0.19045.7058, < 10.0.22631.6783, < 10.0.22631.6783, < 10.0.26100.7979, < 10.0.26100.7979, < 10.0.26200.7979, < 10.0.26200.7979, < 10.0.28000.1719, < 10.0.28000.1719, < 10.0.14393.8957, < 10.0.17763.8511, < 10.0.20348.4830, < 10.0.25398.2207, < 10.0.26100.32463

Tier A

Microsoft MSRC16h ago

→ No new info (linked only)

CVSS 3.18.8 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

CWECWE-416

Published3/10/2026

Last enriched4h ago

Trending Score16

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

0 upvotes0 downvotes

No votes yet

State: verified

Confidence: 100%