CVE-2026-45648
Published: 09 June 2026
Summary
CVE-2026-45648 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Microsoft Windows Server 2022. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked in the top 37.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-35692
Vulnerability details
Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in AD DS directly enables remote code execution via exploitation of a network-accessible service by an authorized attacker.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.