Microsoft Graphics Component allows local code execution via buffer overflow

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.4

Microsoft Graphics Component allows local code execution via buffer overflow

CVE-2026-32221

Summary

An attacker can exploit a weakness in the Microsoft Graphics Component to run unauthorized code on a system, potentially causing harm. This weakness can be exploited by a malicious actor who has access to the system or network. To protect against this, keep your Microsoft software up to date with the latest security patches.

Original title

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.

Original description

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.

nvd CVSS3.1 8.4

Vulnerability type

CWE-122 Heap-based Buffer Overflow

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32221

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026