Jun 2026: Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability
CVE-2026-45602 Published on June 9, 2026
Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability
No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network.
Weakness Types
Acceptance of Extraneous Untrusted Data With Trusted Data
The software, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted.
Improper Handling of Values
The software does not properly handle when the expected number of values for parameters, fields, or arguments is not provided in input, or if those values are undefined.
Products Associated with CVE-2026-45602
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft Windows 10 Version 1607:- Version 10.0.14393.0 and below 10.0.14393.9234 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8880 is affected.
- Version 10.0.19044.0 and below 10.0.19044.7417 is affected.
- Version 10.0.19045.0 and below 10.0.19045.7417 is affected.
- Version 10.0.22631.0 and below 10.0.22631.7219 is affected.
- Version 10.0.22631.0 and below 10.0.22631.7219 is affected.
- Version 10.0.26100.0 and below 10.0.26100.8655 is affected.
- Version 10.0.26200.0 and below 10.0.26200.8655 is affected.
- Version 10.0.28000.0 and below 10.0.28000.2269 is affected.
- Version 6.2.9200.0 and below 6.2.9200.26132 is affected.
- Version 6.2.9200.0 and below 6.2.9200.26132 is affected.
- Version 6.3.9600.0 and below 6.3.9600.23228 is affected.
- Version 6.3.9600.0 and below 6.3.9600.23228 is affected.
- Version 10.0.14393.0 and below 10.0.14393.9234 is affected.
- Version 10.0.14393.0 and below 10.0.14393.9234 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8880 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8880 is affected.
- Version 10.0.20348.0 and below 10.0.20348.5256 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32995 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32995 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.