You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026-34330
About this tag
CVE-2026-34330 is a Windows Win32k elevation-of-privilege vulnerability in the GRFX component, rated Important by Microsoft. Disclosed on May 12, 2026, it allows a locally authenticated attacker to exploit an integer overflow or wraparound weakness to gain SYSTEM privileges. While Microsoft assesses exploitation as unlikely at publication and the flaw is not wormable, the combination of local attack vector, low complexity, confirmed reporting, and an available vendor fix makes it a notable security concern for defenders, particularly in post-compromise scenarios.
Microsoft disclosed CVE-2026-34330 on May 12, 2026, as an Important-rated Windows Win32k elevation-of-privilege flaw in the GRFX component that can let a locally authenticated attacker gain SYSTEM privileges after exploiting an integer overflow or wraparound weakness. The advisory is not...