CVE-2026-33824
Published Apr 14, 2026
Last updated 2 months ago
CVSS critical 9.8
Network
Tunneling protocol
VPN
- Description
- Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_23h2, windows_11_24h2, windows_11_25h2, windows_11_26h1, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- secure@microsoft.com
- CWE-415
- Hype score
- Not currently trending
Microsoft unveiled MDASH, an AI system with 100+ agents that found and proved 16 Windows flaws fixed in Patch Tuesday, including CVE-2026-33824 and CVE-2026-33827. #Microsoft #MDASH #Windows https://t.co/WiMyQUaiY2
@TweetThreatNews
13 May 2026
112 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
#exploit #NetSec 1⃣. CVE-2026-33824: RCE in Windows IKEv2 https://t.co/IdbRP0IExo // The flaw involves improper handling of a blob pointer during IKEv2 fragment reassembly, causing a double free when cleaning up security structures 2⃣. CVE-2025-57738: Apache Syncope Groovy
@ksg93rd
24 Apr 2026
230 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "158C16A3-547E-4130-8428-8E429C37E573",
"versionEndExcluding": "10.0.14393.9060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "58E1A340-D49A-4EBB-A750-876922ACD5CA",
"versionEndExcluding": "10.0.14393.9060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "64248504-2307-45FC-8FF3-7A227CFD8675",
"versionEndExcluding": "10.0.17763.8644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "9B1465B1-BDE6-4634-8F12-43F71D68A4D6",
"versionEndExcluding": "10.0.17763.8644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "88A175C4-E033-4FE7-B2BF-8BAE14321BC4",
"versionEndExcluding": "10.0.19044.7184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "86DBF14A-F486-4FE7-9126-D1D54952FC6C",
"versionEndExcluding": "10.0.19044.7184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "C375372B-D3D4-4B11-AAD8-69AC344C24BC",
"versionEndExcluding": "10.0.19044.7184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "8CE2E268-E776-4697-9E43-33ABA4CDBE05",
"versionEndExcluding": "10.0.19045.7184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "269B8E88-6473-41DD-BA33-D9184B82CA58",
"versionEndExcluding": "10.0.19045.7184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "FCBB431B-EF21-4454-BDA3-D8F276BE7A64",
"versionEndExcluding": "10.0.19045.7184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B33CE091-B873-4C30-BA05-54A8C1839212",
"versionEndExcluding": "10.0.22631.6936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "E3AF28F3-D486-4B88-9E0E-371241024174",
"versionEndExcluding": "10.0.22631.6936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "94EB36C7-1FF2-4B44-AD91-F3540F09393E",
"versionEndExcluding": "10.0.26100.8246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "14B23C3F-C8AC-491A-BCA5-EB6982C8F9E9",
"versionEndExcluding": "10.0.26100.8246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "361B5DAB-8D1F-45D7-A33C-F49EBA56B5F8",
"versionEndExcluding": "10.0.26200.8246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "ADC6CE99-AB5D-4DD5-82A9-892366C4B2FD",
"versionEndExcluding": "10.0.26200.8246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "690E74A8-E72C-47B6-96EB-37C48D69A635",
"versionEndExcluding": "10.0.28000.1836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "13A01FA1-08DC-4E33-9FFC-AB4BCD9634CA",
"versionEndExcluding": "10.0.28000.1836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "982DB0CA-5196-4E42-B2F7-994BE8179715",
"versionEndExcluding": "10.0.14393.9060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647CF9B5-8898-469B-9C09-D372A7843187",
"versionEndExcluding": "10.0.17763.8644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6837B7-5DFD-4AF7-B436-3C6FEF48BA60",
"versionEndExcluding": "10.0.20348.5020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55A1F3AB-5299-4495-9A73-FDA23C6FD88D",
"versionEndExcluding": "10.0.25398.2274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF41A14-B9DA-4788-82A8-74DCDCD090E1",
"versionEndExcluding": "10.0.26100.32690",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]