privilege escalation

Microsoft’s vulnerability catalog now lists CVE-2026-25189, a confirmed use‑after‑free defect in the Windows Desktop Window Manager (DWM) Core Library that permits an authorized local user to escalate privileges on affected systems. The vendor‑level metadata assigns a High impact profile (CVSS...

Microsoft’s security catalog lists CVE-2026-25175 as a newly recorded elevation-of-privilege vulnerability in the Windows NTFS file system: an out-of-bounds read in the NTFS driver that, when triggered by a local, low-privileged account, can be converted into a SYSTEM-level compromise...

Microsoft and independent trackers recorded CVE-2026-25170 on March 10, 2026 — a use‑after‑free (CWE‑416) vulnerability in Windows Hyper‑V that Microsoft classifies as an elevation‑of‑privilege flaw allowing an authorized local actor with low privileges to obtain higher privileges on the host...

Microsoft’s March 10, 2026 Patch Tuesday closed a race‑condition hole in the Windows Device Association Service that could allow a local, authorized user to escalate privileges to a more powerful account on affected machines, forcing administrators to prioritize testing and deployment of the...

Microsoft pushed emergency fixes on March 10, 2026 to address CVE-2026-24293, a high-impact elevation-of-privilege vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys) that can allow a locally authenticated low-privileged user to gain SYSTEM-level rights. The bug is...

Microsoft’s Security Response Center (MSRC) has recorded CVE-2026-24290 as an Elevation of Privilege vulnerability affecting the Windows Projected File System (ProjFS). The vendor’s entry is concise: the issue is a local, kernel-facing privilege-escalation weakness tied to the ProjFS subsystem...

Microsoft has publicly recorded CVE‑2026‑24285 as a Win32k elevation‑of‑privilege vulnerability that allows a local, authenticated user to escalate to full system privileges; Microsoft’s advisory entry and early aggregator reports indicate a use‑after‑free style bug in the Win32k kernel surface...

Microsoft released an update on March 10, 2026 addressing CVE-2026-23673, a local elevation‑of‑privilege vulnerability in the Windows Resilient File System (ReFS) that Microsoft describes as an out‑of‑bounds read which can be abused by an authorized local user to escalate privileges on affected...

Microsoft has published an advisory for CVE-2026-23671: a kernel‑level race condition in the Windows Bluetooth RFCOM Protocol Driver that can be abused by a locally authenticated, low‑privilege user to escalate to SYSTEM — and Microsoft’s update guidance indicates fixes were released on March...

Microsoft’s security tracker lists CVE-2026-23660 as an Elevation of Privilege vulnerability in “Windows Admin Center in Azure Portal,” but public technical details are extremely limited and the entry currently carries a measured confidence statement rather than a full disclosure...

Microsoft’s security entry for CVE‑2026‑26125 identifies an elevation‑of‑privilege flaw in the Payment Orchestrator Service and places special emphasis on the vendor’s confidence metric — a critical signal for defenders about how much technical detail and exploitability information is actually...

Microsoft's advisory for CVE-2026-23651 describes a local elevation-of-privilege flaw in Azure Compute Gallery caused by a permissive regular expression used during input validation; an authenticated user with access to the affected component can craft input that bypasses intended checks and...

A newly disclosed flaw in Windows Admin Center (WAC) creates a dangerous escalation path from low‑privileged, authenticated users to the administrative context that runs the management plane — a weakness that demands immediate action from anyone who runs WAC in production. The vulnerability...

A newly disclosed flaw in Windows Admin Center (WAC) — tracked as CVE‑2026‑26119 and carrying a CVSS score reported as 8.8 — creates a real and immediate risk: an authenticated but low‑privileged user could escalate their privileges across an enterprise management plane and inherit the authority...

The widely used network diagnostic utility mtr contains a dangerous privilege‑context bug that can allow an attacker to control which program is executed via an environment variable, resulting in privileged execution and serious availability and integrity risks on affected systems. The flaw is...

A denial-of-service weakness in the MySQL Server’s InnoDB/optimizer paths lets a high‑privileged, network‑connected actor repeatedly hang or crash the server process, causing sustained or persistent loss of availability for affected MySQL installations. Background / Overview MySQL remains a...

A deep, exploitable buffer overflow in the GNU C Library’s dynamic loader — triggered by specially crafted GLIBC_TUNABLES environment values — lets local attackers escalate to root on many mainstream Linux distributions unless systems are patched or mitigated. Background / Overview The GNU C...

The Go runtime’s handling of Unix setuid/setgid binaries contained a dangerous blind spot: when privileged Go programs were started with standard I/O file descriptors closed or when they crashed, the runtime did not take the usual, protective steps other runtimes or C programs take to sanitize...

The Linux kernel vulnerability tracked as CVE-2010-0291 — widely discussed at the time as the “do_mremap() mess” or the “mremap/mmap mess” — allowed an unprivileged local user to crash a system or, in some exploit scenarios, escalate to kernel privileges by abusing the kernel’s mmap/mremap logic...

A newly cataloged elevation‑of‑privilege issue affecting Windows Admin Center (WAC) — tracked under CVE‑2026‑26119 in Microsoft’s Security Update Guide — exposes a dangerous trust‑model failure in WAC’s management‑plane components that can let a local, low‑privilege user escalate to...