You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-32219
About this tag
CVE-2026-32219 is a Windows privilege escalation vulnerability disclosed by Microsoft on April 14, 2026. It affects the Microsoft Brokering File System (BFS) component and involves a double free condition caused by improper synchronization. An authenticated attacker with low privileges could exploit this flaw to gain SYSTEM-level control on affected machines. The vulnerability is classified as a local elevation-of-privilege bug and is notable for being a memory-safety issue in a kernel-adjacent code path. Users should apply the April 2026 security updates to mitigate the risk.
Microsoft’s CVE-2026-32219 is the kind of Windows flaw that security teams dread because it sits squarely in the privilege-escalation lane: an authenticated low-privilege attacker can use it to reach SYSTEM-level control on affected machines. The advisory is for the Microsoft Brokering File...