PatchSiren cyber security CVE debrief
CVE-2026-45648 Microsoft CVE debrief
CVE-2026-45648 is a stack-based buffer overflow vulnerability in Active Directory Domain Services. This HIGH severity vulnerability has a CVSS score of 8.8 and allows an authorized attacker to execute code over a network. The vulnerability was published on [cvePublishedAt] and last modified on [cveModifiedAt].
- Vendor
- Microsoft
- Product
- Windows Server 2022
- CVSS
- HIGH 8.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-11
Who should care
Administrators and security teams responsible for Active Directory Domain Services should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is caused by a stack-based buffer overflow in Active Directory Domain Services. This allows an authorized attacker to execute code over a network. The Common Vulnerability Scoring System (CVSS) score is 8.8, indicating a HIGH severity vulnerability.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by the vendor (see [ref-4]).
- Review and update access controls to limit access to Active Directory Domain Services.
- Monitor network activity for suspicious behavior.
Evidence notes
The CVE record [cve-org] and NVD detail [nvd] provide additional information about the vulnerability.
Official resources
-
CVE-2026-45648 CVE record
CVE.org
-
CVE-2026-45648 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
CVE-2026-45648 was published on 2026-06-09T17:17:31.920Z and last modified on 2026-06-11T18:54:59.433Z.