Skip to main content

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Mar 10, 2026 - 18:18 nvd
HIGH 7.8

DescriptionCVE.org

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

AnalysisAI

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability [CVSS 7.8 HIGH]

Technical ContextAI

Classified as CWE-125 (Out-of-bounds Read). Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

RemediationAI

Monitor vendor advisories for a patch.

CVE-2026-21510 HIGH POC
8.8 Feb 10

Windows Shell contains a protection mechanism failure (CVE-2026-21510, CVSS 8.8) that allows unauthenticated remote atta

CVE-2025-47827 MEDIUM POC
4.6 Jun 05

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptograph

CVE-2026-21519 HIGH
7.8 Feb 10

Desktop Window Manager (DWM) in Windows contains a type confusion vulnerability (CVE-2026-21519, CVSS 7.8) that enables

CVE-2026-20805 MEDIUM
5.5 Jan 13

Desktop Windows Manager on Windows 10, Windows 11, and Windows Server 2022 leaks sensitive information to local authenti

CVE-2025-62215 HIGH POC
7.0 Nov 11

Windows Kernel contains a race condition vulnerability enabling local privilege escalation through concurrent resource a

CVE-2026-25173 HIGH POC
8.0 Mar 10

Remote code execution in Windows RRAS affects Windows 10 1607 and Windows Server 2022 23h2 through an integer overflow v

CVE-2026-44812 HIGH
7.8 Jun 09

Local code execution in Microsoft Windows Win32K GRFX (graphics) subsystem allows an attacker with low-privilege local a

CVE-2026-44803 HIGH
7.8 Jun 09

Local code execution in the Windows Win32K GRFX (graphics) subsystem allows an unauthorized attacker with the ability to

CVE-2026-50507 MEDIUM
6.8 Jun 09

BitLocker's protection mechanism on Windows fails to enforce a critical authentication or verification step, permitting

CVE-2026-45658 MEDIUM
6.8 Jun 09

Security feature bypass in Microsoft Windows BitLocker allows an attacker with physical access to circumvent the drive e

CVE-2026-42915 MEDIUM
5.5 Jun 09

Denial-of-service in the Windows TCP/IP stack allows an authenticated attacker on an adjacent network to crash the netwo

CVE-2026-42973 MEDIUM
5.5 Jun 09

Windows Push Notifications contains a use-of-uninitialized-resource flaw (CWE-200) that enables a locally authenticated

Share

CVE-2026-23672 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy