CVE-2022-26927

HIGH

Windows 10 and Windows 11 - Remote Code Execution in Graphics Component

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-26927. PoCs published by CrackerCat.

AI-analyzed exploit summary This repository is a placeholder for a proof-of-concept exploit for CVE-2022-26927, with no actual exploit code or technical details provided. The author mentions plans to research ExFreePoolWithTag but has not yet implemented anything.

Description

Windows Graphics Component Remote Code Execution Vulnerability

Exploits (1)

nomisec STUB

by CrackerCat · poc

https://github.com/CrackerCat/CVE-2022-26927

View Code ZIP pw:eip

This repository is a placeholder for a proof-of-concept exploit for CVE-2022-26927, with no actual exploit code or technical details provided. The author mentions plans to research ExFreePoolWithTag but has not yet implemented anything.

Classification

Stub 90%

Attack Type

Other

Complexity

Theoretical

Reliability

Theoretical

Target: unknown

No auth needed

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26927

Patch, Vendor Advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26927

Scores

CVSS v3 8.8

EPSS 0.0441

EPSS Percentile 90.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

Status published

Products (9)

microsoft/windows_10 20h2 (3 CPE variants)

microsoft/windows_10 21h1 (3 CPE variants)

microsoft/windows_10 21h2 (3 CPE variants)

microsoft/windows_10 1607 (2 CPE variants)

microsoft/windows_10 1809 (3 CPE variants)

microsoft/windows_10 1909 (3 CPE variants)

microsoft/windows_11 (2 CPE variants)

microsoft/windows_server 2022

microsoft/windows_server_2019

Published May 10, 2022

Tracked Since Feb 18, 2026