CVE-2026-40398: windows 10 1607 vulnerability

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
CVE-2026-40398CVSS 7.8Windows

CVE-2026-40398: windows 10 1607 vulnerability

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

CVSS
7.8 HIGH
EPSS
82.16%
Known exploited
not in KEV
Product
windows 10 1607

What is known

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Sources