Activamente explotadaCVSS 7.8 · HIGH
CVE-2026-41091
Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.
Ver en NVDAnálisis
Microsoft Defender contains a vulnerability in link resolution that allows a local user to elevate their privileges. While high severity, this is a standard local privilege escalation bug that is typically handled by automated OS updates and does not represent a systemic risk to developer infrastructure.
Roles relevantes
WindowsCyberSecurity
Severidad
Puntaje: 7.8(HIGH)
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HAV: LOCAL
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Tipo de falla (CWE):
CWE-59CISA KEV
Agregada al KEV: 2026-05-20
Fecha límite federal: 2026-06-03
Uso conocido en ransomware: Unknown
Acción requerida
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
EPSS
Probabilidad de explotación (próx. 30 días): 0.0594 (5.9%)
Percentil: 90.7%
EPSS: 2026-05-26
Afecta
microsoft:malware_protection_engineDescripción técnica
Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.
Publicada: 20/5/2026, 13:16:29
Última modificación: 20/5/2026, 19:06:36