{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-42987/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-10T17:55:13.895Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-42987","@id":"https://www.cve.org/CVERecord?id=CVE-2026-42987","description":"Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network."},"products":[{"@id":"cpe:2.3:a:microsoft:windows_server_2012:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2012:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:microsoft:windows_server_2012_\\(server_core_installation\\):*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2012_\\(server_core_installation\\):*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:microsoft:windows_server_2012_r2:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2012_r2:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:microsoft:windows_server_2012_r2_\\(server_core_installation\\):*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2012_r2_\\(server_core_installation\\):*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:microsoft:windows_server_2016_\\(server_core_installation\\):*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2016_\\(server_core_installation\\):*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:microsoft:windows_server_2019_\\(server_core_installation\\):*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2019_\\(server_core_installation\\):*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2022:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:microsoft:windows_server_2025:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2025:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:microsoft:windows_server_2025_\\(server_core_installation\\):*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:microsoft:windows_server_2025_\\(server_core_installation\\):*:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 6.2.9200.26132, 6.3.9600.23228, 10.0.14393.9234, 10.0.17763.8880, 10.0.20348.5256, 10.0.26100.32995.","timestamp":"2026-06-10T17:55:13.895Z"}]}