VDB
GCVE-110-NCSC-2026-141
GCVE-110-NCSC-2026-141
Advisory PublishedCVSS 7.0/10
A double free vulnerability in the Windows Link-Layer Discovery Protocol (LLDP) allows an authorized local attacker to elevate privileges on affected systems.
Weaknesses (CWE)
CWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-122Heap-based Buffer OverflowCWE-843Access of Resource Using Incompatible Type ('Type Confusion')CWE-416Use After FreeCWE-190Integer Overflow or WraparoundCWE-367Time-of-check Time-of-use (TOCTOU) Race ConditionCWE-288Authentication Bypass Using an Alternate Path or ChannelCWE-125Out-of-bounds ReadCWE-401Missing Release of Memory after Effective LifetimeCWE-121Stack-based Buffer OverflowCWE-415Double FreeCWE-126Buffer Over-readCWE-476NULL Pointer DereferenceCWE-191Integer Underflow (Wrap or Wraparound)CWE-1329Reliance on Component That is Not UpdateableCWE-73External Control of File Name or PathCWE-822Untrusted Pointer DereferenceCWE-862Missing Authorization
Risk Scores
CVSS 3.1
7.0/10
High · CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Microsoft | vers:unknown/* | — | — |
Aliases
CVE-2026-21530CVE-2026-32161CVE-2026-32170CVE-2026-32209CVE-2026-33834CVE-2026-33835CVE-2026-33837CVE-2026-33838CVE-2026-33839CVE-2026-33840CVE-2026-33841CVE-2026-34329CVE-2026-34330CVE-2026-34331CVE-2026-34332CVE-2026-34333CVE-2026-34334CVE-2026-34336CVE-2026-34337CVE-2026-34338CVE-2026-34339CVE-2026-34340CVE-2026-34341CVE-2026-34342CVE-2026-34343CVE-2026-34344CVE-2026-34345CVE-2026-34347CVE-2026-34350CVE-2026-34351CVE-2026-35415CVE-2026-35416CVE-2026-35417CVE-2026-35418CVE-2026-35419CVE-2026-35420CVE-2026-35421CVE-2026-35422CVE-2026-35423CVE-2026-35424CVE-2026-35438CVE-2026-40369CVE-2026-40377CVE-2026-40380CVE-2026-40382CVE-2026-40397CVE-2026-40398CVE-2026-40399CVE-2026-40401CVE-2026-40402CVE-2026-40403CVE-2026-40405CVE-2026-40406CVE-2026-40407CVE-2026-40408CVE-2026-40410CVE-2026-40413CVE-2026-40414CVE-2026-40415CVE-2026-41088CVE-2026-41089CVE-2026-41095CVE-2026-41096CVE-2026-41097CVE-2026-42825CVE-2026-42896
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.