ctipilot.ch

Microsoft Defender Malware Protection Engine — heap-based buffer overflow over network → unauthenticated RCE in Defender process context; CVSS 8.1

cve · CVE-2026-45584 single-source

Coverage timeline
1
first 2026-05-20 → last 2026-05-25
Entries
1
1 distinct days
Sources cited
1
1 hosts
Sections touched
1
trending-vulnerabilities
Co-occurring entities
0
no co-occurrence

Story timeline

  1. 2026-05-20CVE-2026-45584 — Microsoft Defender Engine heap-buffer-overflow RCE over network
    trending-vulnerabilitiesCVE-2026-45584 — Microsoft Defender Engine heap-buffer-overflow RCE over network

Where this entity is cited

  • trending-vulnerabilities1

Source distribution

  • msrc.microsoft.com1 (100%)

Entries about Microsoft Defender Malware Protection Engine — heap-based buffer overflow over network → unauthenticated RCE in Defender process context; CVSS 8.1 (1)

2026-05-20 · view entry permalink →

CVE-2026-45584 — Microsoft Defender Engine heap-buffer-overflow RCE over network

notable vulnerability discovered 2026-05-20 05:00 UTC single-source

Microsoft also disclosed CVE-2026-45584 on 2026-05-19 — a heap-based buffer overflow in the Defender Engine reachable over the network (AV:N), allowing unauthenticated code execution in the Defender process context. CVSS 8.1; no exploitation observed at disclosure, no public PoC. The same Engine update (≥ 1.1.26040.8) that closes CVE-2026-41091 also closes CVE-2026-45584. Network-reachable code execution inside an endpoint security product is operationally severe — successful exploitation lands attacker code in the same privileged context as Defender. Treat the Engine version verification step as covering both CVEs.

vulnerabilities rce pre-auth patch-available global CVE-2026-45584