Use-after-free in Windows and Windows Server - CVE-2026-57092
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a remote user to escalate privileges.
The vulnerability exists due to use-after-free in Windows VMSwitch when handling network-related requests from a guest virtual machine through the Hyper-V Virtual Switch. A remote user can send a specially crafted network-related request to escalate privileges.
Exploitation requires the ability to run code in a guest virtual machine, and successful exploitation can cross the guest virtual machine boundary to affect the host system.