AI description
CVE-2025-26666 is a heap-based buffer overflow vulnerability found in Windows Media. It allows an authorized attacker with local access to execute code on a vulnerable system. The vulnerability stems from a buffer overflow in the heap, which could allow an attacker to overwrite memory and potentially execute arbitrary code with the privileges of the affected application.
- Description
- Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.
- Source
- secure@microsoft.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-122
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
21
🚨CVE-2025-26666: Windows Media Remote Code Execution Vulnerability Credit: https://t.co/iTBPunZirA https://t.co/hmmtVP9xiH
@DarkWebInformer
8 May 2025
8988 Impressions
22 Retweets
132 Likes
61 Bookmarks
0 Replies
0 Quotes
🚀 We released a demo video for the CVE-2025-26666 Windows Media RCE Vulnerability, patched by Microsoft in Apr 2025. Watch the video and subscribe to our private vulnerability PoC and detailed report service at https://t.co/lv6J3q3DX1. https://t.co/JzE60nsyXR
@_patchpoint_
11 Apr 2025
2547 Impressions
9 Retweets
18 Likes
9 Bookmarks
0 Replies
0 Quotes
🚀We released a demo video for the CVE-2025-26666 Windows Media RCE Vulnerability, patched by Microsoft in Apr 2025. Watch the video and subscribe to our private vulnerability PoC and detailed report service at https://t.co/lv6J3q3DX1. https://t.co/JzE60nsyXR #WindowsMediaEngine
@_patchpoint_
11 Apr 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes