Microsoft has cataloged a new local elevation-of-privilege (EoP) vulnerability in the Windows Extensible File Allocation Table (exFAT) implementation — tracked as CVE-2026-25174 — an out‑of‑bounds read that Microsoft says can allow an authorized local attacker to escalate privileges to a higher...
