VDB
CISA-2025-48002
CISA-2025-48002
PUBLISHED
CVSS 5.7 MEDIUM
Reported by microsoft · Published July 8, 2025
Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network.
Risk Scores
CVSS 3.1
5.7
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 11 Version 24H2 | 10.0.26100.0 |
| Microsoft | Windows Server 2025 | 10.0.26100.0 |
| Microsoft | Windows Server 2025 (Server Core installation) | 10.0.26100.0 |
| Microsoft | Windows Server 2025 | 10.0.26100.0, 10.0.26100.0 |
| microsoft | windows_11_24H2 | 10.0.26100.0, 10.0.26100.0 |
| Microsoft | Windows Server 2025 (Server Core installation) | 10.0.26100.0, 10.0.26100.0 |
| microsoft | windows_server_2025 | 10.0.26100.0, 10.0.26100.0, 10.0.26100.0 |
| Microsoft | Windows 11 Version 24H2 | 10.0.26100.0, 10.0.26100.0 |
Timeline
- Jul 8, 2025 CVE Published
- Feb 13, 2026 CVE Updated
- Apr 26, 2026 Security Advisory
References
- Windows Hyper-V Information Disclosure Vulnerability vendor-advisorypatch