CVE-2026-54995
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
Description
Use after free in Reliable Multicast Transport Driver (RMCAST) allows an unauthorized attacker to execute code over a network.
In plain language
AI Act nowCVE-2026-54995 is a Windows network flaw that can let a remote attacker run code, without needing a login or clicking anything. Because it’s a serious remote code execution risk, most small businesses should act to update their affected Windows systems.
CVE-2026-54995 is a remote code execution issue in the Windows Reliable Multicast Transport Driver (RMCAST) caused by a use-after-free memory flaw that can be triggered over the network without authentication or user interaction.
What to do now
- Identify which machines run the affected Windows versions: Windows 10, Windows 11, or the listed Windows Server editions.
- Check whether each machine has been updated past the “fixed in” versions for its specific edition (see below).
- Install the Microsoft update for CVE-2026-54995 on each affected machine and confirm the update is installed.
- If you can’t update immediately, temporarily limit exposure of those machines to untrusted networks until the update is applied.
CVSS Vector Breakdown
AV:NAttack VectorAC:HAttack ComplexityPR:NPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:HIntegrityA:HAvailabilityWeaknesses
Affected Products
Exploitability
Attack Graph
Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/⌘ + scroll to zoom, or go fullscreen.
MITRE ATT&CK
2 techniquesReferences
- Microsoft and Adobe Patch Tuesday, July 2026 Security Update Reviewen-us·Qualys Security Blog·
- Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilitiesen·Cisco Talos·
- Microsoft Patch Tuesday July 2026 - The AI Acopolypse is Hereen·SANS Internet Storm Center·
- Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-daysen-us·BleepingComputer·
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-54995 and every CVE in our database. Create a free account — no credit card required.
Create Free Account