Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.
Microsoft
CVE-2026-40410 CVSS 7.0
2026-05-12 07:00 UTC · 2026-05-12 04:00 -03
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.
External control of file name or path in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.
Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally.