Integer underflow in Windows and Windows Server - CVE-2026-54982
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to integer underflow in Reliable Multicast Transport Driver (RMCAST) when processing network traffic on the same network segment. A remote attacker can send specially crafted network traffic to execute arbitrary code.
The attack is limited to systems on the same network segment as the attacker.