local privilege escalation

  1. ChatGPT

    CVE-2026-42984 Windows Kernel EoP: Patch the SYSTEM Use-After-Free Fast

    Microsoft disclosed CVE-2026-42984 on June 9, 2026, as an Important-rated Windows Kernel elevation-of-privilege vulnerability caused by a use-after-free flaw that lets an authenticated local attacker, after winning a race condition, gain SYSTEM privileges on supported Windows client and server...
  2. ChatGPT

    CVE-2026-42912: Windows Telephony Service Local EoP Race Condition Fix (June 2026)

    Microsoft disclosed CVE-2026-42912 on June 9, 2026, as a Windows Telephony Service elevation-of-privilege flaw in which improper synchronization around a shared resource can let an authorized local attacker gain higher privileges on affected Windows client and server systems. The dry language...
  3. ChatGPT

    CVE-2026-42837: ProjFS Filter Driver Local Privilege Escalation Fixed June 2026

    Microsoft disclosed CVE-2026-42837 on June 9, 2026, as an Important-severity Windows Projected File System elevation-of-privilege vulnerability caused by a buffer over-read in the ProjFS filter driver, with fixes shipped for supported Windows 10, Windows 11, Windows Server 2019, Windows Server...
  4. ChatGPT

    CVE-2026-50512: Microsoft PC Manager Missing Auth Enables Local Privilege Escalation

    Microsoft disclosed CVE-2026-50512 on June 9, 2026, as a high-severity elevation-of-privilege vulnerability in Microsoft PC Manager caused by missing authentication for a critical function, allowing an authorized local attacker to gain elevated privileges. The bug is not a remote worm, not a...
  5. ChatGPT

    CVE-2026-50511: PC Manager Link Handling Bug Could Enable Windows Privilege Escalation

    Microsoft disclosed CVE-2026-50511 on June 9, 2026, as a Microsoft PC Manager elevation-of-privilege vulnerability in which improper link handling before file access could let an authorized local attacker gain higher privileges on Windows. The terse advisory is easy to underestimate because it...
  6. ChatGPT

    CVE-2026-48565: Windows Narrator Braille Untrusted Search Path Escalates to SYSTEM

    Microsoft published CVE-2026-48565 on June 9, 2026, identifying an Important-rated Windows Narrator Braille elevation-of-privilege vulnerability caused by an untrusted search path that can let a local authenticated attacker gain SYSTEM privileges. The patch path is not a normal cumulative...
  7. ChatGPT

    CVE-2026-45637: Patch Tuesday DWM EoP—Why “Local” Still Demands Urgent Updates

    CVE-2026-45637 is an Important-rated Microsoft DWM Core Library elevation-of-privilege vulnerability patched in Microsoft’s June 9, 2026 Patch Tuesday release, affecting Windows systems through the Desktop Window Manager component and carrying a reported CVSS base score of 7.8. It is not the...
  8. ChatGPT

    CVE-2026-45603 AFD.sys Local Privilege Escalation: Patch Now for Windows

    Microsoft has identified CVE-2026-45603 as a Windows Ancillary Function Driver for WinSock elevation-of-privilege vulnerability, published through the MSRC Security Update Guide on June 9, 2026, affecting Windows systems where a local authorized attacker could potentially move from ordinary...
  9. ChatGPT

    CVE-2026-45638: Windows WinSock Driver Local Privilege Escalation (Patch Tuesday)

    Microsoft disclosed CVE-2026-45638 on June 9, 2026, as a Windows Ancillary Function Driver for WinSock elevation-of-privilege vulnerability affecting Windows systems, with the practical risk that an attacker who already has local authorized access could potentially gain higher privileges. That...
  10. ChatGPT

    CVE-2026-45600: Important Windows Kernel Driver LPE—Patch June 2026 Now

    Microsoft disclosed CVE-2026-45600 on June 9, 2026, as an Important-rated Windows Kernel-Mode Driver elevation-of-privilege vulnerability in its June Patch Tuesday release, affecting Windows systems through a local privilege-escalation path rather than a remote, unauthenticated network attack...
  11. ChatGPT

    Patch CVE-2026-45596: Local Elevation of Privilege in Windows AFD (afd.sys)

    Microsoft disclosed CVE-2026-45596 on June 9, 2026, as a Windows Ancillary Function Driver for WinSock elevation-of-privilege vulnerability, putting another kernel-adjacent networking component into the monthly patch spotlight for Windows clients and servers. The important part is not that this...
  12. ChatGPT

    CVE-2026-45597: Windows UI Automation Manager Local EoP Fix (June 9, 2026)

    Microsoft’s June 9, 2026 security update identifies CVE-2026-45597 as a Windows UI Automation Manager elevation-of-privilege vulnerability in uiamanager.dll, a local Windows component tied to accessibility and cross-process interface automation. The immediate story is not a remote worm or a...
  13. ChatGPT

    CVE-2026-41092 Kinect Bug: Local Privilege Escalation to SYSTEM (June 2026 Patch)

    Microsoft published CVE-2026-41092 on June 9, 2026, as an Important-rated Microsoft Kinect elevation-of-privilege vulnerability caused by improper access control, with security updates available for supported Windows client and server releases where the vulnerable component is present. The...
  14. ChatGPT

    CVE-2026-34335 AFD.sys: Why Microsoft’s Confidence Metadata Matters for Patching

    Microsoft disclosed CVE-2026-34335, a Windows Ancillary Function Driver for WinSock elevation-of-privilege vulnerability, in its Security Update Guide as a locally exploitable Windows flaw affecting the kernel networking path, with the advisory framed around confirmed vulnerability confidence...
  15. ChatGPT

    CVE-2026-41054: Haveged Local Root Escalation—Patch Guide for Windows+Linux Teams

    CVE-2026-41054 is a local privilege-escalation flaw in the Linux haveged entropy daemon, disclosed and fixed in haveged 1.9.21 on May 19–20, 2026, in which a failed root-only command-socket permission check still allowed unprivileged users to reach privileged daemon commands. The bug is not a...
  16. ChatGPT

    MiniPlasma Windows 11 SYSTEM Exploit: Patch Trust Crisis and Cloud Files Risk

    On May 17, 2026, a researcher using the handles Chaotic Eclipse and Nightmare-Eclipse released MiniPlasma, a public Windows proof-of-concept exploit that reportedly grants SYSTEM privileges on fully patched Windows 11 machines by abusing a Cloud Filter driver flaw Microsoft had associated with...
  17. ChatGPT

    CVE-2026-43494 Linux RDS Double Free: PinTheft LPE Risk and Mitigations

    CVE-2026-43494 is a newly published Linux kernel vulnerability, disclosed through NVD on May 21, 2026, in the Reliable Datagram Sockets networking code, where a failed zero-copy page-pin operation can leave stale accounting state and trigger a later double free. The bug is narrow in the way only...
  18. ChatGPT

    MiniPlasma PoC Questions KB5089549 Fix for CVE-2020-17103 on Win11

    Microsoft’s May 12, 2026 Windows 11 security update KB5089549 is now under scrutiny after a public proof-of-concept called MiniPlasma claimed to revive CVE-2020-17103, a Windows Cloud Files Mini Filter Driver privilege-escalation flaw first addressed in December 2020. The uncomfortable part is...
  19. ChatGPT

    CVE-2026-34341 LLDP Bug: Windows Double-Free Local EoP to SYSTEM (May 2026 Fix)

    Microsoft disclosed CVE-2026-34341 on May 12, 2026, as an Important Windows Link-Layer Discovery Protocol elevation-of-privilege flaw in which a low-privileged local attacker could exploit a double-free condition, win a race condition, and gain SYSTEM privileges on affected Windows clients and...
  20. ChatGPT

    CVE-2026-41088 AFD.sys: Patch Tuesday Local EoP to SYSTEM (May 12, 2026)

    Microsoft disclosed CVE-2026-41088 on May 12, 2026, as an Important-rated Windows Ancillary Function Driver for WinSock elevation-of-privilege vulnerability that allows a locally authorized attacker to gain SYSTEM privileges after exploiting external control of a file name or path. That dry...