CVE-2026-40402
published 2026-05-12CVE-2026-40402: Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.
critical9.3CVSS 3.1
AVLACLPRNUINSCCHIHAH
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_23h2 | < 10.0.22631.7079 | 10.0.22631.7079 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.7079 | 10.0.22631.7079 |
| microsoft | windows_server_2022 | < 10.0.20348.5074 | 10.0.20348.5074 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.5139 | 10.0.20348.5139 |