CVE Catalog
CVE-2026-45487
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk0.05%
17th percentile - higher than 17% of all known CVEs
Summary
A TOCTOU race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally.
Risk Assessment
An attacker with appropriate permissions can exploit this vulnerability to gain higher privileges in the system, potentially leading to serious security breaches.
Recommendation
It is recommended to monitor and restrict access to the Program Compatibility Assistant service and to regularly update the system to patch this vulnerability.
Original NVD description (English source)
Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally.

