PatchSiren cyber security CVE debrief
CVE-2026-54119 Microsoft CVE debrief
CVE-2026-54119 is a Loop with unreachable exit condition vulnerability in Windows Active Directory. This vulnerability allows an unauthorized attacker to deny service over a network. The vulnerability has a CVSS score of 7.5 and a severity of HIGH. The affected product is Windows Active Directory, and the vulnerability is classified as CWE-835. The vulnerability allows an attacker to exploit the vulnerability and deny service over a network. The source confidence is limited, and defenders should review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
- Vendor
- Microsoft
- Product
- Windows 10 Version 1607
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-14
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-14
- Advisory updated
- 2026-07-16
Who should care
Organizations using Windows Active Directory should prioritize patching this vulnerability to prevent potential denial of service attacks. The vulnerability allows an unauthorized attacker to deny service over a network. The affected product is Windows Active Directory. The vulnerability has a CVSS score of 7.5 and a severity of HIGH.
Technical summary
The vulnerability is caused by a loop with an unreachable exit condition in Windows Active Directory. This allows an attacker to exploit the vulnerability and deny service over a network. The vulnerability is classified as CWE-835. The affected product is Windows Active Directory. The vulnerability has a CVSS score of 7.5 and a severity of HIGH.
Defensive priority
High
Recommended defensive actions
- Apply the patch provided by Microsoft
- Review and update Active Directory configurations
- Monitor network activity for potential attacks
- Implement compensating controls to prevent denial of service attacks
- Review relevant monitoring, detection, and logs for exposed assets that need extra review
Evidence notes
The CVE record was published on 2026-07-14T17:17:04.660Z and was last modified on 2026-07-16T12:14:35.503Z. The NVD entry is currently Analyzed. The vulnerability has a CVSS score of 7.5 and a severity of HIGH. The affected product is Windows Active Directory. The vulnerability allows an unauthorized attacker to deny service over a network. The source confidence is limited, and defenders should verify the affected scope and severity.
Official resources
-
CVE-2026-54119 CVE record
CVE.org
-
CVE-2026-54119 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Patch, Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-14T17:17:04.660Z and has not been modified since then. The NVD entry is currently Analyzed.