CVE-2025-26686

Published Apr 8, 2025

Last updated 5 months ago

CVSS high 7.5
Windows TCP/IP

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-26686 is a vulnerability in the Windows TCP/IP component related to sensitive data storage in improperly locked memory. This vulnerability could allow an unauthorized attacker to execute code over a network. The vulnerability exists because of how Windows TCP/IP handles memory locking. Exploitation involves an attacker waiting for a user to initiate a connection and send a DHCPv6 request, then replying with a DHCPv6 response containing a fake IPv6 address. Successful exploitation requires the attacker to win a race condition and make several preparations in the target environment beforehand. A security update was released by Microsoft in April 2025 to address this vulnerability.

Description
Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
Source
secure@microsoft.com
NVD status
Analyzed
Products
windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.5
Impact score
5.9
Exploitability score
1.6
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-591

Social media

Hype score
Not currently trending

  1. Top 5 Trending CVEs: 1 - CVE-2017-1001000 2 - CVE-2025-33073 3 - CVE-2025-26686 4 - CVE-2025-24893 5 - CVE-2025-33053 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    16 Nov 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. GitHub - mrk336/CVE-2025-26686-The-TCP-IP-Flaw-That-Opens-the-Gates: A critical RCE vulnerability in Windows TCP/IP stack (CVE-2025-26686) leaves sensitive memory unlocked, allowing remote attackers to hijack systems. Exploitable over the network, https://t.co/fsyWKl2fZT

    @akaclandestine

    13 Nov 2025

    2170 Impressions

    12 Retweets

    32 Likes

    27 Bookmarks

    0 Replies

    0 Quotes

  3. #exploit High severity Windows vulnerabilities: 1⃣. CVE-2025-26686: RCE in Windows 10/11/Srv TCP/IP stack - https://t.co/kswysi2zzg // leaves sensitive memory unlocked, allowing remote attackers to hijack systems. Exploitable over the network, it risks full compromise. Patch

    @ksg93rd

    13 Nov 2025

    13032 Impressions

    31 Retweets

    123 Likes

    100 Bookmarks

    3 Replies

    1 Quote

  4. CVE-2025-26686 Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network. https://t.co/Q3H5Be6BqQ

    @CVEnew

    9 Apr 2025

    270 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.