You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026 25171
About this tag
CVE-2026-25171 is a local privilege escalation vulnerability in Windows Authentication Methods, classified as a use-after-free bug. Microsoft assigned it a CVSS v3.1 base score of 7.0. The flaw requires an already authenticated local attacker to trigger the use-after-free condition, potentially allowing elevation of privileges on the affected system. This tag covers discussions and advisories related to CVE-2026-25171, including technical details, impact analysis, and mitigation guidance for Windows systems.
Microsoft has recorded CVE-2026-25171 as a local elevation-of-privilege (EoP) bug in Windows Authentication Methods — a use‑after‑free in authentication code that, if triggered by an already authorized local actor, can elevate privileges on an affected host; Microsoft’s advisory entry and...