HarborGuardharborguardDatabase
Back to search
HIGHCVE-2026-45641Published Modified CNA microsoft

CVE-2026-45641: Windows Hyper-V Remote Code Execution Vulnerability

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

Metrics

CVSS v3.1
8.4
Severity
HIGH
Fixed in
10.0.19044.7417
Affected Products
9

Get notified

Email me when this CVE is updated: new fix versions, severity changes, or any record change.

HarborGuard Analysis

Synopsis

An out-of-bounds read vulnerability in Windows Hyper-V allows a local attacker to execute arbitrary code on affected systems. No network access or authentication is required; an attacker with an existing foothold on the host can trigger the flaw directly. Successful exploitation gives the attacker full control over confidentiality, integrity, and availability of the affected system. Patched-image rebuilds at the available fix versions are accessible on HarborGuard for environments running affected Windows builds.

HarborGuard Coverage

Detection

Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against customer images, including custom-built Windows-based container images, in both registry scans and CI/CD pipeline checks.

Available
Triage

HarborGuard scores this vulnerability at CVSS 8.4 (High) and applies per-environment compliance policy weighting to prioritize alert routing, directing findings to the appropriate team inbox within each customer organization.

Available
Patch

Patched-image rebuilds at fix versions 10.0.19044.7417, 10.0.19045.7417, 10.0.20348.5256, 10.0.22631.7219, and 10.0.26100.8655 are available on HarborGuard for environments running affected builds. For customers who opt into auto-remediation, HarborGuard performs a rebuild, runs a regression test suite, and opens a pull request against affected workloads automatically.

Available

Exploit Conditions

  • Network reachabilityNot required

    The attacker needs an existing shell or process on the host; no network-facing exposure is necessary to trigger the vulnerability.

  • AuthenticationNot required

    No account credentials or prior authentication are required to exploit this vulnerability.

  • Victim interactionNot required

    Exploitation requires no action from any user or administrator on the target system.

  • Attack complexityDetail

    Attack complexity is low, meaning the exploit is reliable and requires no special environmental conditions, race wins, or non-standard configuration.

Blast Radius

  • Reads protected memory contents from the Hyper-V process, exposing sensitive host-level data such as cryptographic keys or guest VM memory.
  • Writes arbitrary data to host memory, allowing modification of kernel structures or hypervisor state.
  • Crashes or destabilizes the Hyper-V host, bringing down all guest virtual machines running on that system.
  • Achieves arbitrary code execution in the context of the hypervisor, effectively compromising all guest workloads co-hosted on the same machine.

How HarborGuard Handles This

Available on HarborGuard: detection fires within minutes of CVE publication for any customer image built on an affected Windows version, covering both registry-stored images and images scanned inline in CI pipelines. Where compliance policy permits, HarborGuard triggers a patched-image rebuild against the applicable fix version, runs a regression test, and opens a pull request against affected workloads; for environments with auto-remediation enabled, median time from CVE publication to a merged patch PR for high-severity issues is around 90 minutes. For customers who have not opted into auto-remediation, the finding is routed to the configured team inbox with CVSS score, affected build versions, and remediation guidance attached. Because this is a local-execution flaw with no authentication barrier, customers running Windows Server 2022 or Windows 10/11 base images in containerized workloads should treat this as high priority and apply available patches promptly.

See how HarborGuard automates this

Fix available

10.0.19044.741710.0.19045.741710.0.20348.525610.0.22631.721910.0.26100.865510.0.26100.3299510.0.26200.865510.0.28000.2269
Patch commits
Affected packages
  • Microsoft / Windows 10 Version 21H2
    < 10.0.19044.7417 (from 10.0.19044.0)
  • Microsoft / Windows 10 Version 22H2
    < 10.0.19045.7417 (from 10.0.19045.0)
  • Microsoft / Windows 11 Version 23H2
    < 10.0.22631.7219 (from 10.0.22631.0)
  • Microsoft / Windows 11 Version 24H2
    < 10.0.26100.8655 (from 10.0.26100.0)
  • Microsoft / Windows 11 Version 25H2
    < 10.0.26200.8655 (from 10.0.26200.0)
  • Microsoft / Windows 11 version 26H1
    < 10.0.28000.2269 (from 10.0.28000.0)
  • Microsoft / Windows Server 2022
    < 10.0.20348.5256 (from 10.0.20348.0)
  • Microsoft / Windows Server 2025
    < 10.0.26100.32995 (from 10.0.26100.0)
  • Microsoft / Windows Server 2025 (Server Core installation)
    < 10.0.26100.32995 (from 10.0.26100.0)
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
References