CVE-2026-35433

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-35433
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.

7.3 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35433
Configurations

No configuration.

History

09 Jun 2026, 19:17

Type Values Removed Values Added
Summary (en) Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally. (en) Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.

05 Jun 2026, 18:17

Type Values Removed Values Added
Summary (en) Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. (en) Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally.

01 Jun 2026, 19:16

Type Values Removed Values Added
Summary (en) Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally. (en) Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.

12 May 2026, 18:17

Type Values Removed Values Added
New CVE
Information

Published : 2026-05-12 18:17

Updated : 2026-06-09 19:17

NVD link : CVE-2026-35433

Mitre link : CVE-2026-35433

CVE.ORG link : CVE-2026-35433

JSON object : View

Products Affected

No product.

CWE
CWE-20

Improper Input Validation

CWE-190

Integer Overflow or Wraparound