CVE-2026-45498

🔶 medium

🔍 Scan for this CVE

Summary

Microsoft Defender Denial of Service Vulnerability

CVSS Score

4.0

Medium

EPSS Score

4.1

Exploit Probability

Published Date

2026-05-20

First Seen: 2026-05-21

📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 5.1% of all 330,193 vulnerabilities in our database.

#313,312

Below average severity

Severity Percentile

🎯 CISA SSVC Assessment Updated: May 21, 2026

🔍 Exploitation Status

Active

Exploits detected in the wild

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Partial

Limited system impact

SSVC data provided by CISA

Last Modified 2026-05-28

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE IDs (Weakness Types)

CWE-400

📦 Affected Products 2

Vendor	Product	Status	Affected Versions
microsoft	defender_antimalware_platform	Affected	< 4.18.26040.7
microsoft	defender_antimalware_platform	Affected	> 4.18.26030.3011 < 4.18.26040.7

Vendor

Product

Status

Affected Versions

microsoft

defender_antimalware_platform

Affected

< 4.18.26040.7

microsoft

defender_antimalware_platform

Affected

> 4.18.26030.3011 < 4.18.26040.7

🔗 References 2

🔗 Related CVEs 1

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-33825	⚠️ high	7.8	0.1	Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges loc...	2026-04-14

These CVEs affect the same products