Is Windows Server 2012 affected by CVE-2026-26183?

CVE-2026-26183 is a high-severity Windows RPC privilege escalation affecting all supported Server versions (2012-2025) that allows low-privileged local users to gain full system control without user interaction.

CVE-2026-26183

EUVD-2026-22428 HIGH

2026-04-14 microsoft

Authentication Bypass Microsoft Windows Server 2012 Windows Server 2012 Server Core Installation Windows Server 2012 R2 Windows Server 2012 R2 Server Core Installation Windows Server 2016 Windows Server 2016 Server Core Installation Windows Server 2019 Windows Server 2019 Server Core Installation Windows Server 2022 Windows Server 2022 23H2 Edition Server Core Installation Windows Server 2025 Windows Server 2025 Server Core Installation

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 14, 2026 - 19:15 vuln.today

DescriptionNVD

Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally.

AnalysisAI

Windows RPC API privilege escalation affects all supported Windows Server versions (2012 through 2025) due to improper access control (CWE-284). Low-privileged local attackers can achieve complete system compromise (high confidentiality, integrity, and availability impact) with low attack complexity and no user interaction required. …

RemediationAI

Within 24 hours: inventory all Windows Server 2012, 2016, 2019, 2022, and 2025 instances across your environment and their current patch levels. Within 7 days: deploy vendor-released patches to all affected systems, prioritizing domain controllers, file servers, and systems with internet-facing services; test patches in non-production first. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-26183 vulnerability details – vuln.today

Back

CVE-2026-26183

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code