cbcvebase.
CVE-2026-25170
published 2026-03-10

CVE-2026-25170: Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Affected

25 ranges
VendorProductVersion rangeFixed in
microsoftwindows_11_23h2< 10.0.22631.678310.0.22631.6783
microsoftwindows_11_24h2< 10.0.26100.797910.0.26100.7979
microsoftwindows_11_25h2< 10.0.26200.797910.0.26200.7979
microsoftwindows_11_26h1< 10.0.28000.171910.0.28000.1719
microsoftwindows_11_version_22h3>= 10.0.22631.0 < 10.0.22631.678310.0.22631.6783
microsoftwindows_11_version_23h2>= 10.0.22631.0 < 10.0.22631.678310.0.22631.6783
microsoftwindows_11_version_24h2>= 10.0.26100.0 < 10.0.26100.803710.0.26100.8037
microsoftwindows_11_version_25h2>= 10.0.26200.0 < 10.0.26200.803710.0.26200.8037
microsoftwindows_11_version_26h1>= 10.0.28000.0 < 10.0.28000.171910.0.28000.1719
microsoftwindows_server_2022< 10.0.20348.483010.0.20348.4830
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.489310.0.20348.4893
microsoftwindows_server_2022_23h2< 10.0.25398.220710.0.25398.2207
microsoftwindows_server_2025< 10.0.26100.3246310.0.26100.32463
microsoftwindows_server_2025>= 10.0.26100.0 < 10.0.26100.3252210.0.26100.32522
msrcwindows_11_version_23h2_for_arm64-based_systems
msrcwindows_11_version_23h2_for_x64-based_systems
msrcwindows_11_version_24h2_for_arm64-based_systems
msrcwindows_11_version_24h2_for_x64-based_systems
msrcwindows_11_version_25h2_for_arm64-based_systems
msrcwindows_11_version_25h2_for_x64-based_systems
msrcwindows_11_version_26h1_for_arm64-based_systems
msrcwindows_11_version_26h1_for_x64-based_systems
msrcwindows_server_2022
msrcwindows_server_2022_23h2_edition
msrcwindows_server_2025