← back
CVE-2026-27926

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVSS 7 HIGHEPSS 0.2%CWE-362CWE-416
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
14 Apr 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →