CVE-2026-45498

MEDIUM

Microsoft Defender Denial of Service Vulnerability

CVSS v3.1 Score

4.0

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

LOCAL

Complexity

LOW

Privileges

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Published: 5/20/2026Modified: 5/20/2026

Related Intelligence (3)

CRITICALZero Day

Microsoft patches two zero-day flaws in Defender

Microsoft released emergency fixes for two zero-day vulnerabilities in the malware protection components of Microsoft Defender. The flaws allow local attackers to gain system-level privileges or cause the anti-malware service to stop working correctly. Both conditions are valuable in a malware attack, first to prevent detection if the system relies only on Microsoft endpoint protection and second

CVE-2026-41091CVE-2026-45498

4d agoCSO Online

HIGHVulnerability

NVD HIGH: CVE-2026-45498 — Microsoft Defender Denial of Service Vulnerability

Microsoft Defender Denial of Service Vulnerability

CVE-2026-45498

5d agoNIST NVD

HIGHVulnerability

CISA KEV: Microsoft Defender — Microsoft Defender Denial of Service Vulnerability

Microsoft Defender contains an unspecified vulnerability that allows for denial of service.

CVE-2026-45498Microsoft Defender

5d agoCISA KEV

References (2)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45498Vendor Advisory https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-45498Third Party AdvisoryUS Government Resource