Zero Day MonitorZDM

← Back to list

7.8

CVE-2026-40369EXPLOITEDPATCHED

microsoft · windows_11_24h2

Windows Kernel Elevation of Privilege Vulnerability

Description

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

Affected Products

Vendor	Product	Versions
microsoft	windows_11_24h2	10.0.26100.0, 10.0.26200.0, 10.0.28000.0, 10.0.26100.0, 10.0.26100.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
microsoft	windows 11 version 26h1	mitre_affected	90%
microsoft	windows 11 version 25h2	mitre_affected	90%
microsoft	windows	mitre_affected	90%
microsoft	windows server 2025 (server core installation)	mitre_affected	90%
microsoft	microsoft windows	cert_advisory	90%

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40369(vendor-advisory, patch)

Related News (7 articles)

Tier E

Hacker News2d ago

Show HN: CVE-2026-40369 Windows Kernel Arbitrary Write Chrome SBX

→ No new info (linked only)

Tier E

Hacker News9d ago

CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox

→ No new info (linked only)

Tier E

Lobsters Security14d ago

CVE-2026-40369: Arbitrary Kernel Address Increment via NtQuerySystemInformation

→ No new info (linked only)

Tier B

BSI Advisories17d ago

[NEU] [hoch] Microsoft Windows Produkte: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

Qualys Blog18d ago

Microsoft and Adobe Patch Tuesday, May 2026 Security Update Review

→ No new info (linked only)

Tier C

VulDB18d ago

CVE-2026-40369 | Microsoft Windows 11 24H2/11 25H2/11 26H1/Server 2025 Kernel untrusted pointer dereference

→ No new info (linked only)

Tier A

Microsoft MSRC18d ago

CVE-2026-40369 Windows Kernel Elevation of Privilege Vulnerability

→ No new info (linked only)

CVSS 3.17.8 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

10.0.26100.845710.0.26200.845710.0.28000.211310.0.26100.32860

CWECWE-822

PublishedMay 12, 2026

Last enriched18d agov3

Trending Score60

Source articles7

Independent6

Info Completeness10/14

Missing: epss, kev, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-33825EXPKEV

Microsoft Defender Elevation of Privilege Vulnerability

HIGHCVE-2026-41091EXPKEV

Microsoft Defender Elevation of Privilege Vulnerability

MEDIUMCVE-2026-32202EXPKEV

Windows Shell Spoofing Vulnerability

MEDIUMCVE-2026-45498EXPKEV

Microsoft Defender Denial of Service Vulnerability

MEDIUMCVE-2026-45585EXP

Windows BitLocker Security Feature Bypass Vulnerability

Pin to Dashboard

Verification

State: verified

Confidence: 0%

Vulnerability Timeline

CVE Published

May 12, 2026

Discovered by ZDM

May 12, 2026

Updated: description, exploitAvailable, activelyExploited

May 12, 2026

Updated: affectedVersions

May 12, 2026

Actively Exploited

May 26, 2026

Exploit Available

May 26, 2026

Patch Available

May 26, 2026

Version History

v3

Last enriched 18d ago

v3Tier C18d ago

Updated severity to CRITICAL, added affected versions 11 25H2 and 11 26H1, and provided a new description.

affectedVersions

via VulDB

v2Tier A18d ago

Added a detailed description of the vulnerability and marked it as actively exploited with an exploit available.

descriptionexploitAvailableactivelyExploited

via Microsoft MSRC

v118d ago

Initial creation