Home

Description

Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network.

PUBLISHED Reserved 2026-05-18 | Published 2026-06-09 | Updated 2026-06-10 | Assigner microsoft




HIGH: 7.1CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-190: Integer Overflow or Wraparound

Product status

6.2.9200.0 (custom) before 6.2.9200.26132
affected

6.2.9200.0 (custom) before 6.2.9200.26132
affected

6.3.9600.0 (custom) before 6.3.9600.23228
affected

6.3.9600.0 (custom) before 6.3.9600.23228
affected

10.0.14393.0 (custom) before 10.0.14393.9234
affected

10.0.14393.0 (custom) before 10.0.14393.9234
affected

10.0.17763.0 (custom) before 10.0.17763.8880
affected

10.0.17763.0 (custom) before 10.0.17763.8880
affected

10.0.20348.0 (custom) before 10.0.20348.5256
affected

10.0.26100.0 (custom) before 10.0.26100.32995
affected

10.0.26100.0 (custom) before 10.0.26100.32995
affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47288 (Windows Kerberos Key Distribution Center (KDC) Remote Code Execution) vendor-advisory patch

cve.org (CVE-2026-47288)

nvd.nist.gov (CVE-2026-47288)

Download JSON