RPC Runtime Remote Code Execution Vulnerability
Use after free in RPC Runtime allows an authorized attacker to execute code over a network.
MSRC compact vulnerability detail
CVE-2026-23669 · RPC Runtime Library Remote Code Execution Vulnerability
Use after free in RPC Runtime allows an authorized attacker to execute code over a network.
Signals
RPC Runtime
Remote Code Execution
Exploited: No
Publicly disclosed: No
Exploitability: Exploitation Less Likely
CWE
Patch Diff
Loading module diff metadata...
Resolved binary override
Use this when the MSRC module name cannot be mapped automatically or the resolved binary looks wrong.
Description
Use after free in RPC Runtime allows an authorized attacker to execute code over a network.
FAQ / Articles
FAQ
How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by sending specially crafted network responses to a system running the Windows Print Spooler service. These malformed responses may cause the service to process invalid data, leading to memory corruption within the affected component. The issue requires the attacker to already have low‑privilege authentication to the target environment, and there is no indication in the provided information that user interaction is required.
FAQ
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.