cve 2026 20808

CVE-2026-20808 is a high-priority local elevation-of-privilege (EoP) vulnerability in Windows File Explorer. It stems from a race condition in the Printer Association Object, which is part of the printer-related code within the Shell. An authorized local user or local malware can exploit this flaw to escalate privileges on an affected system. Microsoft has issued a security advisory confirming the issue and recommends administrators apply the available updates as soon as possible. This vulnerability is specific to Windows and requires local access, making it a significant concern for enterprise IT environments where multiple users share systems.