Skip to main content

Microsoft CVE-2026-41527

| EUVDEUVD-2026-24513 MEDIUM
Always-Incorrect Control Flow Implementation (CWE-670)
2026-04-21 mitre
6.9
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.9 MEDIUM
AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
Low

Lifecycle Timeline

4
Patch released
Apr 22, 2026 - 21:23 nvd
Patch available
Patch available
Apr 21, 2026 - 23:32 EUVD
EUVD ID Assigned
Apr 21, 2026 - 22:16 euvd
EUVD-2026-24513
CVE Published
Apr 21, 2026 - 00:00 nvd
MEDIUM 6.9

DescriptionCVE.org

KDE Kleopatra before 26.08.0 on Windows allows local users to obtain the privileges of a Kleopatra user, because there is an error in the mechanism (KUniqueService) for ensuring that only one instance is running.

Analysis

KDE Kleopatra before 26.08.0 on Windows allows local users to obtain the privileges of a Kleopatra user, because there is an error in the mechanism (KUniqueService) for ensuring that only one instance is running.

Share

CVE-2026-41527 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy