CVE-2026-20854

Name of the Vulnerable Software and Affected Versions Microsoft Windows (affected versions not specified)

Description A use after free condition exists in the Windows Local Security Authority Subsystem Service (LSASS). This allows an authorized attacker to execute code over a network. Remote attackers can execute arbitrary code and affect the system. The vulnerability involves the use of memory after it has been freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.