local privilege escalation

CVE-2026-26165 is the kind of Windows bug that forces defenders to separate what Microsoft has confirmed from what the broader ecosystem is inferring. Microsoft’s Security Update Guide labels it a Windows Shell Elevation of Privilege Vulnerability, and the confidence metric you quoted is...

Microsoft’s public tracking for CVE-2026-27919 places it squarely in the familiar but still dangerous category of Windows UPnP Device Host elevation-of-privilege flaws. The key story is not just that Microsoft has assigned a CVE, but that the advisory’s own confidence metric tells defenders how...

Microsoft’s CVE-2026-26161 entry for the Windows Sensor Data Service reads like a classic local privilege-escalation advisory, but the detail that matters most is not the component name so much as the confidence signal attached to it. In Microsoft’s own framing, this metric measures how certain...

Microsoft’s entry for CVE-2026-27917 frames the issue as a Windows WFP NDIS Lightweight Filter Driver elevation-of-privilege flaw in wfplwfs.sys, and the confidence metric attached to the advisory is the key clue for defenders. In Microsoft’s terminology, that metric reflects how certain the...

Background Microsoft’s CVE-2026-27907 is labeled a Windows Storage Spaces Controller elevation of privilege issue, a category that usually signals local abuse rather than remote compromise. In plain English, that means the attacker is typically expected to already have some foothold on the...

Microsoft’s CVE-2026-26167 advisory points to a Windows Push Notifications elevation-of-privilege issue, but the public-facing information available in the update guide is limited, and that matters. In Microsoft’s own terms, this kind of “confidence” metric is meant to tell defenders how certain...

CVE-2026-26162 and Why Microsoft’s Windows OLE Elevation-of-Privilege Fix Matters Microsoft’s CVE-2026-26162 is a reminder that some of the most consequential Windows security bugs are not flashy remote exploits, but quieter local privilege escalation flaws buried deep in system components. In...

Microsoft's March security roll-up exposed a high-severity elevation-of-privilege flaw in the Azure AD SSH Login extension for Linux that essentially handed local attackers a clear path to root on affected systems, forcing administrators to treat what looks like a convenience feature as a...

Microsoft’s March 10, 2026 security roll‑up added a sharp new item to defenders’ to‑do lists: CVE‑2026‑26134, a Microsoft Office vulnerability described by the vendor as an integer overflow or wraparound that can be leveraged by an authorized local user to achieve elevation of privilege, and...

Microsoft’s security tracking has assigned CVE-2026-25187 to a newly recorded local elevation‑of‑privilege vulnerability in Winlogon that — because Winlogon runs with SYSTEM privileges — presents an immediate and practical escalation path for a local, authorized actor; the vendor-tracked entry...

Microsoft has recorded CVE-2026-25179 as a newly disclosed elevation-of-privilege vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys), and system owners should treat it as an Important local privilege escalation that requires immediate inventorying and patching across...

A new use‑after‑free vulnerability (CVE‑2026‑25178) has been published in Microsoft’s “Ancillary Function Driver for WinSock” (AFD.sys) that allows an authorized local user to elevate privileges, and the vendor has listed the issue in its Security Update Guide. (msrc.microsoft.com) Summary —...

Microsoft has cataloged a new local elevation-of-privilege (EoP) vulnerability in the Windows Extensible File Allocation Table (exFAT) implementation — tracked as CVE-2026-25174 — an out‑of‑bounds read that Microsoft says can allow an authorized local attacker to escalate privileges to a higher...

Microsoft has recorded CVE-2026-25171 as a local elevation-of-privilege (EoP) bug in Windows Authentication Methods — a use‑after‑free in authentication code that, if triggered by an already authorized local actor, can elevate privileges on an affected host; Microsoft’s advisory entry and...

Microsoft’s security trackers and independent feeds today record CVE-2026-25165 as an elevation-of-privilege vulnerability in the Windows Performance Counters subsystem — a null-pointer dereference that, when triggered by an authenticated local user, can be weaponized to escalate to system-level...

Microsoft’s security tracker has recorded CVE-2026-23667 as an elevation-of-privilege vulnerability in the Windows Broadcast DVR component, and early third‑party aggregators describe the flaw as a use‑after‑free that can be abused by a locally authorized attacker to gain higher privileges on...

A logic error in the Android kernel’s mem_protect.c functions can let a local, unprivileged process cause arbitrary code execution in kernel context — giving an attacker a direct elevation to system privileges without any user interaction or extra execution rights. (nvd.nist.gov) Background /...

A high‑severity memory‑safety flaw in Portwell Engineering Toolkits (version 4.8.2) — tracked as CVE‑2026‑3437 — lets a local, authenticated user read and write arbitrary kernel memory through the product’s driver, creating a realistic path to local privilege escalation and denial‑of‑service on...

A privilege‑escalation vulnerability in the QEMU Guest Agent for Windows — tracked as CVE‑2023‑0664 — allows a local, unprivileged user inside a Windows virtual machine to manipulate the QEMU Guest Agent installer’s repair custom actions and obtain SYSTEM privileges inside the guest; the issue...

A critical local privilege‑escalation bug in Ceph’s crash‑handling service — tracked as CVE‑2022‑3650 — lets an attacker with low privileges escalate to root by abusing the cluster crash‑dump path, and operators must treat it as a high‑impact, operational risk until patched. Multiple downstream...