High severity8.1NVD Advisory· Published May 20, 2026· Updated May 20, 2026
CVE-2026-45584
CVE-2026-45584
Description
Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network.
Affected products
2- cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*Range: >=1.1.26030.3008,<1.1.26040.8
Patches
Vulnerability mechanics
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45584nvdVendor Advisory
News mentions
2- ⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain ChaosThe Hacker News · May 25, 2026
- Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)Help Net Security · May 21, 2026