Windows Hyper-V: Local Code Execution via Heap Overflow

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Hyper-V: Local Code Execution via Heap Overflow

CVE-2026-26156

Summary

A security issue in Windows Hyper-V allows an attacker with local access to execute malicious code on a vulnerable system. This could potentially allow the attacker to take control of the system or disrupt its operation. To protect your system, ensure you have the latest Windows updates installed.

Original title

Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.

Original description

Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-20 Improper Input Validation

CWE-122 Heap-based Buffer Overflow

CWE-125 Out-of-bounds Read

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26156

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026