CVE-2026-45498

May 20, 2026, 7:05 p.m.

4.0
Low

Description

Microsoft Defender Denial of Service Vulnerability

Product(s) Impacted

Vendor Product Versions
Microsoft
  • Defender Antimalware Platform
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a microsoft defender_antimalware_platform / / / / / / / /

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45498
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-45498

Tags

CWE-400
[email protected]
NVD-CWE-noinfo
2026-05-20
CVE-2026-45498

CVSS Score

4.0 / 10

CVSS Data - 3.1

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: LOW

    • CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

    View Vector String

Timeline

Published: May 20, 2026, 1:16 p.m.
Last Modified: May 20, 2026, 7:05 p.m.

Status : Analyzed

CVE has had analysis completed and all data associations made.

More info

Source

[email protected]

Relations

Here is the list of observables linked to the vulnerability CVE-2026-45498 using threat intelligence.

  • Defender
  • Defender

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.