CVE-2026-23670

Published: Apr 14, 2026 Last Modified: Apr 14, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,7

Source: [email protected]

Attack Vector: local

Attack Complexity: high

Privileges Required: high

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: none

Description

AI Translation Available

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0006

Percentile

0,2th

Updated

EPSS Score Trend (Last 2 Days)

822

Untrusted Pointer Dereference

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Availability Integrity

Potential Impacts:

Read Memory Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands Modify Memory

Applicable Platforms

Languages: C, C++, Memory-Unsafe

View CWE Details

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2…

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23670

CVE-2026-23670

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 2 Days)

Untrusted Pointer Dereference

Common Consequences

Applicable Platforms

Iscriviti alla newsletter