cve-2026-45606

CVE-2026-45606 is a denial-of-service vulnerability in the Windows UxTheme Library (uxtheme.dll), disclosed by Microsoft on June 9, 2026. The flaw is an out-of-bounds read that a local attacker with low privileges can exploit to disrupt service. It carries a CVSS score of 5.5 (Important) with no confidentiality or integrity impact, and no evidence of public disclosure or active exploitation at publication. This CVE highlights that even core aesthetic components like uxtheme.dll can harbor security issues, underscoring the importance of applying Patch Tuesday fixes to maintain system stability.