Defender

5 briefs
medium advisory

Microsoft Defender Denial of Service Vulnerability (CVE-2026-45498)

CVE-2026-45498 is a denial-of-service vulnerability in Microsoft Defender that could disrupt endpoint protection capabilities, requiring timely mitigation per vendor instructions.

Defender denial-of-service vulnerability microsoft-defender
2r 1t 1c
high advisory

CVE-2026-41091 - Microsoft Defender Link Following Vulnerability

CVE-2026-41091 is a link following vulnerability in Microsoft Defender that allows an authorized attacker to escalate privileges locally.

Defender privilege-escalation cve
2r 1t 1c
critical advisory

CVE-2026-45584 - Microsoft Defender Heap-based Buffer Overflow RCE

CVE-2026-45584 is a heap-based buffer overflow vulnerability in Microsoft Defender that allows an unauthorized attacker to execute arbitrary code over a network.

Defender cve-2026-45584 heap-overflow rce microsoft-defender
2r 1t 1c
high advisory

Multiple Vulnerabilities in Microsoft Defender and Malware Protection Engine

Multiple vulnerabilities in Microsoft Defender and Microsoft Malware Protection Engine could allow an attacker to elevate privileges, execute arbitrary code, and cause a denial of service condition.

Defender +1 privilege-escalation execution impact windows
2r 3t
high advisory

Komari Agent Abused as SYSTEM-Level Backdoor

Threat actors are abusing the Komari monitoring agent, a project hosted on GitHub, as a SYSTEM-level backdoor following initial access through compromised VPN credentials and lateral movement via Impacket.

Defender +2 komari backdoor nssm github rat reverse shell
2r 4t 2i