PT-2026-40152 · Microsoft · Windows Server 2025+1
Published
2026-05-12
·
Updated
2026-05-15
·
CVE-2026-34332
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Windows Server 2025 (affected versions not specified)
Description
A use after free issue in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network. This occurs via NVMe-oF (NVMe over Fabrics), a network protocol that allows NVMe storage commands to be transferred over a network fabric.
Recommendations
Apply the available hotpatch or patch for Windows Server 2025.
Fix
RCE
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows Server 2025