CVE-2023-36884
HIGHWindows Search Remote Code Execution Vulnerability
EPSS Exploitation Probability
EPSS (Exploit Prediction Scoring System) is a daily probability model maintained by FIRST.org. It estimates the likelihood a CVE will be exploited in production environments within the next 30 days, derived from real-world threat intelligence signals.
Description
Windows Search Remote Code Execution Vulnerability
Affected Products
windows 10 21h2microsoftwindows 10 22h2microsoftwindows 10 1507microsoftwindows 10 1607microsoftwindows 10 1809microsoftwindows 11 21h2microsoftResearch use only. For defensive security, authorized penetration testing, and academic research only. Never execute exploit code against systems without explicit written authorization.
Windows Search Remote Code Execution Vulnerability
Windows Search Remote Code Execution Vulnerability
Windows Search Remote Code Execution Vulnerability
Windows Search Remote Code Execution Vulnerability
Windows Search Remote Code Execution Vulnerability
Windows Search Remote Code Execution Vulnerability
Windows Search Remote Code Execution Vulnerability
Windows Search Remote Code Execution Vulnerability
Frequently Asked Questions
Is CVE-2023-36884 in your stack?
O3 detects CVE-2023-36884 across dependencies and uses function-level reachability to confirm whether the vulnerable code path is actually reachable — not just present. No false positives.