cve-2026-40408

CVE-2026-40408 is an Important-rated elevation-of-privilege vulnerability in the Windows WAN ARP Driver, disclosed by Microsoft on May 12, 2026. It affects supported Windows client and server releases and allows a locally authenticated attacker to gain SYSTEM privileges by exploiting a use-after-free flaw. The vulnerability resides in kernel-mode driver territory, carries a CVSS base score of 7.8, and is not a remote worm, public zero-day, or known to be exploited in the wild. Discussions on WindowsForum.com cover the technical details, affected systems, and mitigation strategies for CVE-2026-40408, emphasizing the risk of local privilege escalation to SYSTEM.