privilege escalation

Microsoft disclosed CVE-2026-42830 on May 12, 2026, as an Important elevation-of-privilege vulnerability in the Azure Monitor Agent Metrics Extension, assigning it a CVSS score of 6.5 as part of the May Patch Tuesday security release. The bug is not the loudest item in this month’s bulletin, but...

Microsoft disclosed CVE-2026-40381 on May 12, 2026, as an Important-rated elevation-of-privilege vulnerability in the Azure Connected Machine Agent, the software component that lets Windows and Linux servers outside Azure be managed through Azure Arc. The immediate story is not a flashy wormable...

Microsoft lists CVE-2026-41086 as a Windows Admin Center in Azure Portal elevation-of-privilege vulnerability, with the public entry emphasizing confidence in the vulnerability’s existence rather than exposing detailed exploit mechanics as of May 12, 2026. That distinction matters more than it...

Microsoft disclosed CVE-2026-40420 on May 12, 2026, as an Important-rated elevation-of-privilege vulnerability in Microsoft Office Click-To-Run affecting Microsoft 365 Apps for Enterprise and supported Office 2019, Office LTSC 2021, and Office LTSC 2024 installations. The bug is not a...

Microsoft disclosed CVE-2026-35436 on May 12, 2026, as an Important elevation-of-privilege vulnerability in Microsoft Office Click-to-Run that can let a low-privileged local attacker escape a contained execution environment and gain SYSTEM privileges on affected Office installations. That is the...

Microsoft disclosed CVE-2026-40402 on May 12, 2026, as a Critical Windows Hyper-V elevation-of-privilege vulnerability in its May Patch Tuesday release, describing a use-after-free flaw that can let an attacker in a guest virtual machine gain SYSTEM privileges on the Hyper-V host. The...

Microsoft disclosed CVE-2026-40398 on May 12, 2026, as an Important-rated Windows Remote Desktop Services elevation-of-privilege vulnerability, with no public disclosure or active exploitation reported at release time and a CVSS base score of 7.8. That combination is easy to misread: not a...

Microsoft’s May 12, 2026 Patch Tuesday includes CVE-2026-40397, an Important-severity elevation-of-privilege vulnerability in the Windows Common Log File System driver, with public reporting showing no known exploitation or prior disclosure at release time. The practical reading is not “panic,”...

Microsoft disclosed CVE-2026-34340 on May 12, 2026, as a Windows Projected File System elevation-of-privilege vulnerability, assigning it to the May 2026 security update cycle and identifying ProjFS as the affected Windows component rather than a standalone third-party application. The short...

On May 12, 2026, Microsoft disclosed CVE-2026-34338, an elevation-of-privilege vulnerability in the Windows Telephony Service, through its Security Update Guide as part of the May security update cycle affecting Windows systems that include the legacy telephony component and enterprise...

Microsoft has listed CVE-2026-34337 as a Windows Cloud Files Mini Filter Driver elevation-of-privilege vulnerability in the Security Update Guide, a local Windows flaw whose practical risk depends less on remote reachability than on how quickly attackers can turn sparse public details into...

Microsoft’s CVE-2026-34334 is a Windows TCP/IP elevation-of-privilege vulnerability disclosed through the Microsoft Security Response Center, and its most important operational clue is not the scary networking label but the confidence signal attached to the report. The vulnerability sits in the...

Microsoft disclosed CVE-2026-33838, a Windows Message Queuing elevation-of-privilege vulnerability, in its Security Update Guide on May 12, 2026, affecting Windows systems where the legacy MSMQ component is present and serviced through the current Windows security update channel. The important...

Microsoft disclosed CVE-2026-33837 on May 12, 2026, as an Important Windows TCP/IP local elevation-of-privilege vulnerability caused by a heap-based buffer overflow that lets an authorized low-privilege attacker interact with tcpip.sys and gain kernel-level privileges on affected Windows...

Microsoft disclosed CVE-2026-33835 on May 12, 2026, as a Windows Cloud Files Mini Filter Driver elevation-of-privilege vulnerability, addressed through the May Patch Tuesday security updates for affected Windows systems and documented in the Microsoft Security Response Center’s Security Update...

Microsoft disclosed CVE-2026-32170, a Windows Rich Text Edit Control elevation-of-privilege vulnerability, in its May 12, 2026 Security Update Guide as part of the monthly Patch Tuesday release affecting Windows systems that include the Rich Edit component. The important word is not “rich,” and...

CVE-2026-35438 is a Windows Admin Center elevation-of-privilege vulnerability in which a low-privileged attacker could abuse the product’s update path to install an arbitrary available Windows Admin Center version from Microsoft’s update catalog, potentially altering or disrupting the existing...

Microsoft’s Security Response Center has listed CVE-2026-35420 as a Windows Kernel elevation-of-privilege vulnerability, published in the May 2026 security update cycle, with vendor acknowledgement establishing that the flaw exists even though public technical detail remains deliberately...

CVE-2026-35418 is a Microsoft-disclosed elevation-of-privilege vulnerability in the Windows Cloud Files Mini Filter Driver, published in the Security Update Guide on May 12, 2026, affecting Windows systems that rely on the cloud-files plumbing used by OneDrive-style placeholder and...

CVE-2026-35415 is listed by Microsoft as a Windows Storage Spaces Controller elevation-of-privilege vulnerability in the Security Update Guide, with the key public signal today being confirmed report confidence rather than a disclosed exploit technique, proof-of-concept, or detailed root-cause...