CVE-2026-45498

MEDIUM KEV

Microsoft Defender Denial of Service Vulnerability

Title source: cna
STIX 2.1

Exploitation Summary

CVE-2026-45498 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added May 20, 2026. EIP tracks 1 public exploit from researchers including salihuahmad105-creator.

AI-analyzed exploit summary This repository contains a Python-based vulnerability scanner for CVE-2026-45498, a Denial of Service (DoS) vulnerability in Microsoft Defender Antimalware Platform versions below 4.18.26040.7. The tool checks the installed Defender version against the patched version and reports vulnerability status without exploiting the flaw.

Description

Microsoft Defender Denial of Service Vulnerability

Exploits (1)

nomisec SCANNER
by salihuahmad105-creator · poc
https://github.com/salihuahmad105-creator/Vulnerability-scanner

This repository contains a Python-based vulnerability scanner for CVE-2026-45498, a Denial of Service (DoS) vulnerability in Microsoft Defender Antimalware Platform versions below 4.18.26040.7. The tool checks the installed Defender version against the patched version and reports vulnerability status without exploiting the flaw.

Classification
Scanner 98%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Defender Antimalware Platform (versions < 4.18.26040.7)
No auth needed
Prerequisites: Microsoft Defender installed on the target system · Python and `packaging` library installed on the scanning system · PowerShell access for version retrieval
mistral-large-3 · analyzed Jul 02, 2026 Full analysis →

References (2)

Core 2
Core References
Vendor Advisory vendor-advisory patch
Microsoft Defender Denial of Service Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45498

Scores

CVSS v3 4.0
EPSS 0.6308
EPSS Percentile 99.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation active
Automatable no
Technical Impact partial

Details

CISA KEV 2026-05-20
VulnCheck KEV 2026-05-19
ENISA EUVD EUVD-2026-31102
CWE
CWE-400
Status published
Products (3)
microsoft/defender_antimalware_platform 4.18.26030.3011 - 4.18.26040.7
Microsoft/Microsoft Defender Antimalware Platform -
Microsoft/Microsoft Defender Antimalware Platform 4.0.0.0 - 4.18.26040.7
Published May 20, 2026
KEV Added May 20, 2026
Tracked Since May 20, 2026