CVE-2024-38178: Microsoft Windows Scripting Engine Memory Corruption
Microsoft Windows Scripting Engine Memory Corruption Vulnerability. Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.
- CISA KEV-listed (remediation due 2024-09-03)
- EPSS 30.2% (96.8% percentile)