CVE-2026-40380

Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack

MEDIUMMonitor

Published:May 12, 2026(7 days ago)

Modified:May 12, 2026

Physical AccessNo InteractionLow Complexity

Vulnerability Description

Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack.

Physical AccessLow ComplexityHigh PrivilegesNo User Interaction

🤖

AI analysis not yet available

Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.

v3.1

6.2/ 10.0

MEDIUM

AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

References

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability

Attack VectorPhysical

Attack ComplexityLow

Privileges RequiredHigh

User InteractionNone

Impact

ScopeUnchanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh