Vulnerability Details CVE-2026-20854
Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.3%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-20854
-
cpe:2.3:o:microsoft:windows_11_24h2:-
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.1742
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2033
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2161
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2314
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2454
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2605
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.2894
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3107
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3194
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3403
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3476
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3775
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.3981
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4061
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4270
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4349
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4652
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4851
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.4946
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.6508
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.6563
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.6584
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.6899
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.7092
-
cpe:2.3:o:microsoft:windows_11_24h2:10.0.26100.7171
-
cpe:2.3:o:microsoft:windows_11_25h2:-
-
cpe:2.3:o:microsoft:windows_11_25h2:10.0.26200.6899
-
cpe:2.3:o:microsoft:windows_11_25h2:10.0.26200.7092
-
cpe:2.3:o:microsoft:windows_11_25h2:10.0.26200.7171
-
cpe:2.3:o:microsoft:windows_server_2025:-
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2033
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2314
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2605
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.2894
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3107
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3194
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3403
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3476
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3775
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3781
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3981
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4061
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4066
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4270
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4349
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4652
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4656
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4851
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.4946
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6508
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6563
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6584
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6899
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.6905
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.7092
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.7171
-
cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.7623