windows privilege escalation

Microsoft disclosed CVE-2026-45586 on June 9, 2026, as a Windows Collaborative Translation Framework, or CTFMON, elevation-of-privilege vulnerability affecting Windows systems and addressed through the June Patch Tuesday security updates, with Microsoft listing exploitation as detected in the...

Microsoft disclosed CVE-2026-42902 on June 9, 2026, as an elevation-of-privilege vulnerability in Microsoft PowerToys, placing a beloved Windows power-user utility into the same risk-management queue as drivers, services, shells, and enterprise agents. The important part is not that PowerToys...

Microsoft is facing fresh scrutiny after reports on May 13–14, 2026 described YellowKey, a publicly disclosed BitLocker bypass aimed at Windows recovery behavior, alongside GreenPlasma, a separate alleged Windows local privilege-escalation flaw tied to CTFMon and Object Manager internals. The...

Microsoft disclosed CVE-2026-35416 on May 12, 2026, as a Windows Ancillary Function Driver for WinSock elevation-of-privilege vulnerability affecting supported Windows client and server releases, with remediation delivered through the regular Patch Tuesday security update channel. The short...

CISA on May 5, 2026 republished a Johnson Controls advisory warning that CEM AC2000 versions 10.6, 11.0, and 12.0 contain a high-severity DLL hijacking flaw, CVE-2026-21661, that can let a standard local user escalate privileges on the host machine. That sentence sounds narrow, almost...

Microsoft’s April 14, 2026 Patch Tuesday brought a new local privilege escalation flaw into focus: CVE-2026-27916, a Windows UPnP Device Host vulnerability that Microsoft rates as an elevation-of-privilege issue. The public description points to a use-after-free condition, a classic...

Microsoft’s CVE-2026-32219 is the kind of Windows flaw that security teams dread because it sits squarely in the privilege-escalation lane: an authenticated low-privilege attacker can use it to reach SYSTEM-level control on affected machines. The advisory is for the Microsoft Brokering File...

Microsoft’s CVE-2026-32165 entry is another reminder that Microsoft’s confidence metric is becoming as important as the component name itself. The advisory labels the issue a Windows User Interface Core Elevation of Privilege Vulnerability, which places it squarely in the class of bugs that can...

Microsoft’s CVE-2026-32087 entry for the Windows Function Discovery Service is a reminder that Microsoft’s vulnerability metadata can be just as important as the exploit details themselves. The advisory centers on fdwsd.dll and an elevation of privilege condition, but the real significance lies...