[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-45498":6},{"stargazers_count":4,"fetched_at":5},6,"2026-05-20T17:11:50.996Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":93,"aliases":94,"duplicate_of":9,"upstream":95,"downstream":96,"duplicates":97,"related":98,"reserved_at":9,"published_at":99,"modified_at":100,"state":101,"summary":102,"references_raw":111,"kevs":126,"epss":9,"epss_history":136,"metrics":137,"affected":149},"CVE-2026-45498","Microsoft Defender Denial of Service Vulnerability",null,[11,18],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],{"_key":19,"id":19,"name":20,"description":21,"type":22,"status":23,"abstraction":24,"likelihood_of_exploit":25,"capec":26},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","weakness","Draft","Class","High",[27,31,89],{"id":28,"name":29,"techniques":30},"CAPEC-147","XML Ping of the Death",[],{"id":32,"name":33,"techniques":34},"CAPEC-227","Sustained Client Engagement",[35],{"id":36,"name":37,"tactics":38,"countermeasures":42},"T1499","Endpoint Denial of Service",[39],{"id":40,"name":41},"TA0105","Impact",[43,48,52,56,60,64,68,72,76,80,85],{"id":44,"name":45,"tactic":46},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":47},"Detect",{"id":49,"name":50,"tactic":51},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":47},{"id":53,"name":54,"tactic":55},"D3-CSPP","Client-server Payload Profiling",{"name":47},{"id":57,"name":58,"tactic":59},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":47},{"id":61,"name":62,"tactic":63},"D3-NTSA","Network Traffic Signature Analysis",{"name":47},{"id":65,"name":66,"tactic":67},"D3-APCA","Application Protocol Command Analysis",{"name":47},{"id":69,"name":70,"tactic":71},"D3-NTCD","Network Traffic Community Deviation",{"name":47},{"id":73,"name":74,"tactic":75},"D3-RTSD","Remote Terminal Session Detection",{"name":47},{"id":77,"name":78,"tactic":79},"D3-ISVA","Inbound Session Volume Analysis",{"name":47},{"id":81,"name":82,"tactic":83},"D3-NTF","Network Traffic Filtering",{"name":84},"Isolate",{"id":86,"name":87,"tactic":88},"D3-ITF","Inbound Traffic Filtering",{"name":84},{"id":90,"name":91,"techniques":92},"CAPEC-492","Regular Expression Exponential Blowup",[],[],[],[],[],[],[],"2026-05-20T13:09:12.903Z","2026-05-20T17:12:06.585Z","Analyzed",{"cisa_kev":103,"cisa_ransomware":104,"cisa_vendor":105,"epss_severity":9,"epss_score":9,"severity":106,"severity_score":107,"severity_version":108,"severity_source":109,"severity_vector":110,"severity_status":101},true,false,"Microsoft","high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[112,119],{"url":113,"sources":114,"tags":116},"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45498",[115,109],"cve.org",[117,118],"Vendor Advisory","Patch",{"url":120,"sources":121,"tags":122},"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-45498",[115,109],[123,124,125],"Government Resource","Third Party Advisory","US Government Resource",[127],{"source":128,"vendor":105,"product":129,"date_added":130,"vulnerability_name":8,"short_description":131,"required_action":132,"due_date":133,"known_ransomware_campaign_use":134,"notes":135,"exploitation_type":9},"cisa","Defender","2026-05-20","Microsoft Defender contains an unspecified vulnerability that allows for denial of service.","Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","2026-06-03","Unknown","https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45498 ; https://nvd.nist.gov/vuln/detail/CVE-2026-45498",[],[138,145],{"source":115,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":139,"cvss_v4_0":9},{"baseScore":140,"baseSeverity":141,"vectorString":142,"impactScore":143,"exploitabilityScore":144},4,"MEDIUM","CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C",2.3,6.4,{"source":109,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":146,"cvss_v4_0":9},{"baseScore":107,"baseSeverity":147,"vectorString":110,"impactScore":4,"exploitabilityScore":148},"HIGH",10,[150,163],{"ecosystem":9,"name":151,"vendor":152,"product":153,"cpe_part":154,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":155},"defender antimalware platform","microsoft","defender_antimalware_platform","a",[156],{"version":157,"is_range":103,"range_type":158,"version_start":159,"version_start_type":160,"version_end":161,"version_end_type":162,"fixed_in":9},"gte4.18.26030.3011_lt4.18.26040.7","cpe","4.18.26030.3011","including","4.18.26040.7","excluding",{"ecosystem":9,"name":164,"vendor":152,"product":165,"cpe_part":154,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":166},"Microsoft Defender Antimalware Platform","microsoft defender antimalware platform",[167],{"version":168,"is_range":104,"range_type":115,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"-"]