Threat Intelligence / CVE / CVE-2026-23666

CVE-2026-23666

CVSS 9.8 (CRITICAL) · EPSS 0.2% · Published 2026-04-14

Windows TCP/IP IPv6 remote code execution vulnerability caused by an integer overflow in IPv6 fragment reassembly. Reachable from any adjacent network and rated wormable by Microsoft MSRC, allowing unauthenticated attackers to achieve code execution via crafted IPv6 packets.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

Weaknesses (CWE)

CWE-190

Threats tracking this CVE

Microsoft April 2026 Patch Tuesday — 167 Flaws, 2 Zero-Days (SharePoint Spoofing CVE-2026-32201 + Defender EoP CVE-2026-33825) — CRITICAL

Full detection coverage & IOCs for threats exploiting CVE-2026-23666 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence