CVE-2026-3006

Name of the Vulnerable Software and Affected Versions WinFSP versions prior to 2026 Beta1

Description A race condition vulnerability, specifically a Time-of-Check to Time-of-Use (TOCTOU) bug, exists in the driver. This occurs due to a multi-fetch of size used in ExAllocatePool, which can trigger a kernel heap overflow. Successful exploitation allows an attacker, even from a Low Integrity CMD, to achieve local privilege escalation and gain system-level access.

Recommendations Update to WinFSP version 2026 Beta1.