- Description
- Microsoft Defender Denial of Service Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- defender_antimalware_platform
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Microsoft Defender Denial of Service Vulnerability
- Exploit added on
- May 20, 2026
- Exploit action due
- Jun 3, 2026
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- nvd@nist.gov
- NVD-CWE-noinfo
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-400
- Hype score
- Not currently trending
Security Bulletin: Multiple Microsoft Defender vulnerabilities (CVE-2026-41091, CVE-2026-45498) are actively exploited in the wild. Update Defender immediately. #ThreatIntel #RedLeggCTI https://t.co/Cw6DrjtED3
@RedLegg
20 May 2026
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
米国サイバーセキュリティ・社会基盤安全保障庁(CISA)が既知の悪用された脆弱性カタログに7件追加。10年以上前のAcrobatのCVE-2009-3459及びMSのCVE-2008-4250、CVE-2009-1537、CVE-2010-0249、CVE-2010-0806、並びに多分RedSunのCVE-2
@__kokumoto
20 May 2026
592 Impressions
0 Retweets
1 Like
1 Bookmark
1 Reply
2 Quotes
CISA added 7 known exploited vulnerabilities to its KEV Catalog on May 20, including CVE-2026-41091 (Microsoft Defender EoP) and CVE-2026-45498 (Microsoft Defender DoS). FCEB agencies must remediate by the due date per BOD 22-01. #Cybersecurity https://t.co/VBhfvQSnF9
@battista212
20 May 2026
26 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
The latest Windows Antivirus Platform 4.18.26040.7 and Engine 1.1.26040.8 fix three security issues, two of them already exploited and publicly available... CVE-2026-41091 (RedSun) CVE-2026-45498 (UnDefend) CVE-2026-45584 (???) #MDE #MDAV https://t.co/yDSi6HaTZK
@fabian_bader
20 May 2026
563 Impressions
1 Retweet
7 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 7 new CISA KEV adds today CVE-2026-45498, CVE-2026-41091, CVE-2010-0806, CVE-2010-0249, CVE-2009-3459, CVE-2009-1537, CVE-2008-4250 https://t.co/0StDFCzdCI #boarnet #cybersecurity #cisakev #cve #threatintelligence #malware
@boarnetio
20 May 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:defender_antimalware_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE400D53-CA9B-433A-BB02-048BFDE09034",
"versionEndExcluding": "4.18.26040.7",
"versionStartIncluding": "4.18.26030.3011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]