Back

Microsoft's MDASH AI System Discovers 16 Windows Vulnerabilities

Severity: High (Score: 72.5)

Sources: Letsdatascience, Uk.Pcmag, www.computerworld.com, www.itsecuritynews.info, Ground.News

Summary

Microsoft's newly developed MDASH (Multi-Model Agentic Scanning Harness) identified 16 vulnerabilities in Windows, including four critical remote code execution (RCE) flaws. The vulnerabilities were found in key components such as the TCP/IP stack and IKEv2 service. These findings were part of Microsoft's May Patch Tuesday, which addressed a total of 120 CVEs. MDASH utilizes over 100 specialized AI agents to enhance vulnerability detection, achieving an 88.45% score on the CyberGym benchmark. The system is currently in a private preview phase with select enterprise customers. The vulnerabilities include CVE-2026-40361 and CVE-2026-40364, published on May 12, 2026. Microsoft emphasizes that the AI system's architecture allows for efficient vulnerability discovery at scale, marking a significant advancement in cybersecurity tools. Key Points: • MDASH discovered 16 vulnerabilities, including four critical RCE flaws in Windows components. • The system achieved an 88.45% score on the CyberGym benchmark, outperforming competitors. • Microsoft's May Patch Tuesday addressed a total of 120 CVEs, with MDASH contributing significantly.

Key Entities

  • Remote Code Execution (attack_type)
  • Zero-day Exploit (attack_type)
  • United States (country)
  • CVE-2026-33109 (cve)
  • CVE-2026-40361 (cve)
  • CVE-2026-40364 (cve)
  • CVE-2026-41096 (cve)
  • CVE-2026-42826 (cve)
  • Apache Cassandra (platform)
  • Azure DevOps (platform)
  • Edge (platform)
  • Firefox (platform)
  • Hyper-V (platform)
  • Azure (company)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed