CVE Catalog

CVE-2026-42989

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.09%

26th percentile - higher than 26% of all known CVEs

Summary

Improper link resolution before file access in Winlogon allows an authorized attacker to elevate privileges locally.

Risk Assessment

An attacker with appropriate permissions may gain higher privileges in the system, potentially leading to serious security breaches.

Recommendation

It is recommended to update the operating system and monitor access to Winlogon to detect unauthorized privilege escalation attempts.

Original NVD description (English source)

Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS