top of page
perceptive_background_267k.jpg

Successful exploitation of the race condition vulnerability could allow
an attacker to trigger a kernel heap overflow, potentially leading to local privilege
es…

Published:

26 april 2026 om 22:00:00

Alert date:

27 april 2026 om 04:02:01

Source:

nvd.nist.gov

Click to open the original link from this advisory

Operating Systems

CVE-2026-3006 is a race condition vulnerability in WinFSP that can be exploited to trigger a kernel heap overflow. Successful exploitation allows an attacker to achieve local privilege escalation and gain system-level access to the affected software. The vulnerability represents a high-severity security issue that could compromise the integrity of systems running vulnerable versions of WinFSP. The issue has been addressed in version v2.2B1 according to the GitHub release notes.

Technical details

Mitigation steps:

Affected products:

WinFSP

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-3006
https://github.com/winfsp/winfsp/releases/tag/v2.2B1
https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2026-043

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page