What is the severity of CVE-2025-26674?

CVE-2025-26674 is classified as a critical severity vulnerability due to its potential to allow local code execution.

How do I fix CVE-2025-26674?

To fix CVE-2025-26674, apply the latest security updates from Microsoft corresponding to your affected Windows version.

CVE-2025-26674 affects various Microsoft Windows products including Windows Server 2019, Windows Server 2022, Windows 10, and Windows 11.

No, CVE-2025-26674 requires local access for exploitation as it is a local code execution vulnerability.

CVE-2025-26674 is a heap-based buffer overflow vulnerability that can lead to arbitrary code execution on the affected system.

7.8

CWE

119 122

8/4/2025

23/4/2025

First published: Tue Apr 08 2025(Updated: )

<p>Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.</p>

Credit: secure@microsoft.com

What is the severity of CVE-2025-26674?
CVE-2025-26674 is classified as a critical severity vulnerability due to its potential to allow local code execution.
How do I fix CVE-2025-26674?
To fix CVE-2025-26674, apply the latest security updates from Microsoft corresponding to your affected Windows version.
Which products are affected by CVE-2025-26674?
CVE-2025-26674 affects various Microsoft Windows products including Windows Server 2019, Windows Server 2022, Windows 10, and Windows 11.
Can an attacker exploit CVE-2025-26674 remotely?
No, CVE-2025-26674 requires local access for exploitation as it is a local code execution vulnerability.
What is the nature of CVE-2025-26674?
CVE-2025-26674 is a heap-based buffer overflow vulnerability that can lead to arbitrary code execution on the affected system.