HIGHVulnerability
Verified
Global

CISA KEV: Microsoft Windows — Microsoft Windows Buffer Overflow Vulnerability

·Source: CISA KEV

Updated:

Executive Summary

Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.

Analysis

Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization. Added to CISA Known Exploited Vulnerabilities catalog on 2026-05-20. Remediation due: 2026-06-03.

Indicators of Compromise (1)

CVE (1)
CVE-2008-4250
NVDMITRE CVE
Source Attribution

Originally published by CISA KEV on May 20, 2026. Verified by: CISA.

Related Threats

MEDIUMVulnerabilityNEW

NSA selects new leads for key cybersecurity posts

David Imbordino, an NSA senior executive who most recently led its cybersecurity directorate in an acting capacity, has been named as its new chief. Bruce Jones, a career NSA technical and operational leader, as the new head of its Cybersecurity Collaboration Center.

The Record
LOWVulnerability

WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites

The security defect (CVE-2026-8732) allows unauthenticated attackers to create administrative accounts on the affected installations. The post WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites appeared first on SecurityWeek .

CVE-2026-8732
SecurityWeek
LOWVulnerability

Dashlane password manager users locked out by brute force attacks

Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. [...]

BleepingComputer