Winfsp · Winfsp · CVE-2026-3006
**Name of the Vulnerable Software and Affected Versions**
WinFSP versions prior to 2026 Beta1
**Description**
A race condition vulnerability, specifically a Time-of-Check to Time-of-Use (TOCTOU) bug, exists in the driver. It is caused by a multi-fetch of the size used in `ExAllocatePool`: the size is read more than once, so it can change between reads, and this can trigger a kernel heap overflow. Successful exploitation allows an attacker, even from a Low Integrity CMD, to achieve local privilege escalation and gain system-level access.
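The multi-fetch pattern described above next to its single-fetch form, as an added user-mode C illustration that is not WinFsp's code. `shared_req`, `lens`, `race_window` and both handlers are hypothetical names, `malloc` stands in for `ExAllocatePool`, and the racing write is modelled as a deterministic call.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed request: memory the caller can still write while it is processed. */
typedef struct { volatile uint32_t size; uint8_t data[64]; } shared_req;
typedef struct { size_t alloc_len, copy_len; } lens;

/* Models the concurrent writer winning the race right after the allocation. */
static void race_window(shared_req *r) { r->size = sizeof r->data; }

/* Double fetch: size read once to allocate, read again to copy. */
lens handle_double_fetch(uint32_t initial) {
    shared_req r = { .size = initial };
    lens out = { 0, 0 };
    out.alloc_len = r.size;            /* fetch 1 sizes the buffer */
    uint8_t *buf = malloc(out.alloc_len);
    if (!buf) return out;
    race_window(&r);
    out.copy_len = r.size;             /* fetch 2 sizes the copy */
    /* memcpy(buf, r.data, out.copy_len) would overrun buf; not executed here. */
    free(buf);
    return out;
}

/* Single fetch: capture into a local, validate it, use only the local. */
lens handle_captured(uint32_t initial) {
    shared_req r = { .size = initial };
    lens out = { 0, 0 };
    uint32_t n = r.size;               /* the only read of the shared field */
    if (n == 0 || n > sizeof r.data) return out;   /* reject bad sizes */
    uint8_t *buf = malloc(n);
    if (!buf) return out;
    race_window(&r);                   /* later writes no longer matter */
    memcpy(buf, r.data, n);            /* bounded by the captured value */
    out.alloc_len = out.copy_len = n;
    free(buf);
    return out;
}

int main(void) {
    lens a = handle_double_fetch(8), b = handle_captured(8);
    printf("double fetch: alloc=%zu copy=%zu\n", a.alloc_len, a.copy_len);
    printf("captured:     alloc=%zu copy=%zu\n", b.alloc_len, b.copy_len);
    return 0;
}
```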
**Recommendations**
Update to WinFSP version 2026 Beta1.