core-jmp core-jmpdeath of core jump

CVE-2026-58532: An Integer Overflow in Windows tcpip.sys

A user-controlled 64-bit record count multiplied by the 0x228 record size wraps to zero in the Windows tcpip.sys WFP ALE deserialiser, defeating a kernel bounds check. A walkthrough of CVE-2026-58532, its 30-line proof of…

CVE-2026-58532: An Integer Overflow in Windows tcpip.sys

0x01 // Recent research

all 297 posts →
1 2 18