CVE-2010-0806 — Microsoft Internet Explorer: Microsoft Internet Explorer Use-After-Free Vulnerability

/HIGH
Written by SCW Vulnerability Desk Vulnerability Intelligence
CISA KEV vulnerabilitycvecisa-kevactively-exploited
CVE-2010-0806 — Microsoft Internet Explorer: Microsoft Internet Explorer Use-After-Free Vulnerability

Image via

CVE-2010-0806 — Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object. The impacted product could be end-of-life (EoL) and/or end-of-service (

https://learn.microsoft.com/en-us/security-updates/securityadvisories/2010/981374

What This Means For You

  • CISA has confirmed active exploitation — immediate patching required.
  • Added to CISA KEV catalog — federal agencies must remediate by 2026-06-03.

Related ATT&CK Techniques

T1204.002 Malicious File Initial Access T1190 Exploit Public-Facing Application Initial Access

Indicators of Compromise

IDTypeIndicator
CVE-2010-0806 Use After Free Microsoft Internet Explorer
CVE-2010-0806 RCE invalid pointer access after object deletion

Written by SCW Vulnerability Desk

🔎
Turn this CVE into SIEM detection coverage Generate detection rules for Splunk, Sentinel, QRadar & Elastic — straight from this vulnerability. Use /detect in the Intel Bot.
Open Intel Bot →
Source & Attribution
Source PlatformCISA
ChannelCISA KEV
Channel IDcisa-kev
Message ID20100806
PublishedMay 20, 2026 at 15:00 UTC
Original Linkhttps://learn.microsoft.com/en-us/security-updates/securi...

This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.

Believe this infringes your rights? Submit a takedown request.

Related coverage

CVE-2026-9141: Taiko AG1000-01A SMS Gateway Critical Auth Bypass

CVE-2026-9141 — Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains an authentication bypass vulnerability in the embedded web configuration interface that allows...

vulnerabilityCVEcriticalhigh-severityauthentication-bypasscwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 7 Sigma

Taiko AG1000-01A SMS Gateway Critical Hard-Coded Credential Vulnerability

CVE-2026-9139 — Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-coded credential vulnerability in the embedded web configuration interface where authentication...

vulnerabilityCVEcriticalhigh-severitycwe-798
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

Google Chrome Use-After-Free (CVE-2026-9126) Allows RCE

CVE-2026-9126 — Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma