Microsoft has cataloged CVE-2026-26128 as an elevation-of-privilege defect in the Windows SMB Server that allows an authorized (local) attacker to escalate privileges on affected systems — an urgent operational risk for any organization that does not treat local-attack vectors and SMB components...
