CVE-2026-42985: Heap-based buffer overflow in Remote Desktop Client allows

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

• EPSS 0.1% (23.4% percentile)
• CVSS 8.8 high

Related briefings

• Microsoft patches 206 flaws, four critical bugs likely to be exploited 2026-06-10

Browse the CVE database

Read the full analysis on IntelFusions