Windows 11 26h1
CVE-2026-23671
HIGH
Severity by source
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally.
AnalysisAI
Privilege escalation in the Windows Bluetooth RFCOM Protocol Driver across Windows 11 26h1, Windows Server 2025, and Windows 10 1809 stems from improper synchronization of concurrent access to shared resources. An authenticated local attacker can exploit this race condition to gain elevated privileges on affected systems. No patch is currently available for this vulnerability.
Technical ContextAI
Classified as CWE-362 (Race Condition). Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally.
RemediationAI
Monitor vendor advisories for a patch.
More in Windows 11 26h1
View allRemote code execution in Windows RRAS affects Windows 10 1607 and Windows Server 2022 23h2 through an integer overflow v
Local code execution in Microsoft Windows Win32K GRFX (graphics) subsystem allows an attacker with low-privilege local a
Local code execution in the Windows Win32K GRFX (graphics) subsystem allows an unauthorized attacker with the ability to
BitLocker's protection mechanism on Windows fails to enforce a critical authentication or verification step, permitting
Security feature bypass in Microsoft Windows BitLocker allows an attacker with physical access to circumvent the drive e
Denial-of-service in the Windows TCP/IP stack allows an authenticated attacker on an adjacent network to crash the netwo
Windows Push Notifications contains a use-of-uninitialized-resource flaw (CWE-200) that enables a locally authenticated
Windows Push Notifications on multiple Windows 10, Windows 11, and Windows Server versions exposes sensitive memory cont
Windows Push Notifications contains a use-of-uninitialized-resource flaw (CWE-200) that enables authenticated local atta
Remote tampering in Microsoft Windows DHCP Server allows unauthenticated network attackers to manipulate critical data w
Privilege escalation in Windows Telephony Service through heap buffer overflow affects Windows 10 1607, Windows 11 25h2,
Remote code execution in Microsoft Remote Desktop Client occurs when a user connects to an attacker-controlled RDP serve
Same weakness CWE-362 – Race Condition
View allSame technique Race Condition
View allShare
External POC / Exploit Code
Leaving vuln.today