cve-2026-41092

CVE-2026-41092 is a Microsoft Kinect elevation-of-privilege vulnerability rated Important, disclosed in June 2026. It stems from improper access control in the Kinect driver, allowing a local attacker to escalate privileges to SYSTEM. Microsoft released security updates for supported Windows client and server versions where the vulnerable component is present. The tag covers discussions about the bug's impact on enterprise environments, where legacy Kinect hardware may still be in use, and the importance of applying the June 2026 patch to mitigate local privilege escalation risks.