Live
Patch Now: CVE-2026-40399 Windows TCP/IP Flaw Grants SYSTEM Access·MSFT +0.1%CVE-2026-34351: Why This Windows TCP/IP Vulnerability Demands Your Immediate Attention·NVDA +3.0%CVE-2026-34345: Microsoft Patches AFD.sys WinSock EoP Flaw Granting SYSTEM Access·GOOGL +1.2%CVE-2026-34330: Important Win32k GRFX Elevation of Privilege Flaw Fixed in May 2026 Patch Tuesday·AMZN +2.9%Windows Kernel Bug Allows Attackers to Vault Out of Sandboxes — Patch Now, Microsoft Says·MSFT +0.1%Low-Complexity Win32k Bug Gives Attackers SYSTEM; Microsoft Patches Windows 11 and Server 2025·NVDA +3.0%CVE-2026-43500: High-Severity Linux Kernel Bug Puts Windows WSL Users at Risk of Local Privilege Escalation·GOOGL +1.2%CVE-2026-43321: Linux BPF Verifier Register Liveness Bug Exposes Windows Systems via WSL and Azure·AMZN +2.9%Patch Now: CVE-2026-40399 Windows TCP/IP Flaw Grants SYSTEM Access·MSFT +0.1%CVE-2026-34351: Why This Windows TCP/IP Vulnerability Demands Your Immediate Attention·NVDA +3.0%CVE-2026-34345: Microsoft Patches AFD.sys WinSock EoP Flaw Granting SYSTEM Access·GOOGL +1.2%CVE-2026-34330: Important Win32k GRFX Elevation of Privilege Flaw Fixed in May 2026 Patch Tuesday·AMZN +2.9%Windows Kernel Bug Allows Attackers to Vault Out of Sandboxes — Patch Now, Microsoft Says·MSFT +0.1%Low-Complexity Win32k Bug Gives Attackers SYSTEM; Microsoft Patches Windows 11 and Server 2025·NVDA +3.0%CVE-2026-43500: High-Severity Linux Kernel Bug Puts Windows WSL Users at Risk of Local Privilege Escalation·GOOGL +1.2%CVE-2026-43321: Linux BPF Verifier Register Liveness Bug Exposes Windows Systems via WSL and Azure·AMZN +2.9%

Local Privilege Escalation

The latest Local Privilege Escalation coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 9:57 AM
Latest Most Read Breaking
Sort
Cve-2026-40399 · Local Privilege Escalation

Patch Now: CVE-2026-40399 Windows TCP/IP Flaw Grants SYSTEM Access

Microsoft’s May 2026 Patch Tuesday release includes a fix for CVE-2026-40399, a local elevation-of-privilege vulnerability in the Windows TCP/IP stack rated Important with a CVSS 3.1 score of 7.8....

Advertisement
Cve-2026-33841 · Local Privilege Escalation

Windows Kernel Bug Allows Attackers to Vault Out of Sandboxes — Patch Now, Microsoft Says

Microsoft’s May 2026 Patch Tuesday release fixes a kernel flaw that can pry open the containment barriers meant to keep untrusted code caged. CVE-2026-33841, a heap-based buffer overflow in the...

SE Security Desk·9w ago
Cve 2026 33840 · Local Privilege Escalation

Low-Complexity Win32k Bug Gives Attackers SYSTEM; Microsoft Patches Windows 11 and Server 2025

On May 12, 2026, Microsoft shipped a security update that closes CVE-2026-33840, a local privilege escalation vulnerability in the Windows Win32k subsystem. An attacker with a low-privilege foothold...

SE Security Desk·9w ago
cve_2026_43500_high.jpg
Cve-2026-43500 · Linux Kernel Security

CVE-2026-43500: High-Severity Linux Kernel Bug Puts Windows WSL Users at Risk of Local Privilege Escalation

A newly disclosed Linux kernel vulnerability tracked as CVE-2026-43500 is raising alarms across mixed Windows-Linux environments, particularly for organizations relying on Windows Subsystem for Linux...

SE Security Desk·9w ago
Bpf Verifier · Cve 2026 43321

CVE-2026-43321: Linux BPF Verifier Register Liveness Bug Exposes Windows Systems via WSL and Azure

Microsoft published a security advisory for CVE-2026-43321 on May 8, 2026, flagging a high-severity flaw in the Linux kernel’s BPF verifier that allows local privilege escalation. The...

SE Security Desk·9w ago
Incident Response · Linux Kernel Security

Dirty Frag Linux Flaw Grants Root: Microsoft Patches WSL Kernel

Microsoft issued an urgent security advisory on May 8, 2026, confirming limited active exploitation of a Linux local privilege escalation vulnerability tracked as Dirty Frag. The attack chain...

SE Security Desk·10w ago
Chrome On Macos · Local Privilege Escalation

CVE-2026-7997: Chrome macOS Updater Flaw Warns Windows Admins on Update Risks

Google published details of CVE-2026-7997 on May 6, 2026—a local privilege escalation vulnerability in the Chrome updater for macOS. The flaw, rated high severity, stems from insufficient input...

SE Security Desk·10w ago
Bod 22-01 Compliance · Cisa Kev

CISA Adds Actively Exploited Linux "Copy Fail" Kernel Bug to KEV Catalog

{ "title": "CISA KEV: Linux “Copy Fail” CVE-2026-31431 Turns Kernel Bug Into Patch Deadline", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added...

SE Security Desk·11w ago
Local Privilege Escalation · Security Research

Windows Defender Exploit: RedSun 0day Uses Race Condition for System32 Privilege Escalation

A newly disclosed Windows Defender vulnerability allows attackers to achieve local privilege escalation by exploiting a race condition in the antivirus engine's file handling. Dubbed "RedSun" by...

SE Security Desk·13w ago