Skip to main content

Microsoft EUVDEUVD-2026-22402

| CVE-2026-26170 HIGH
Improper Input Validation (CWE-20)
2026-04-14 microsoft
7.8
CVSS 3.1 · NVD
Temporal: 6.8
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CIRCL (temporal)
6.8 MEDIUM
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Re-analysis Queued
Apr 17, 2026 - 15:22 vuln.today
cvss_changed
Analysis Generated
Apr 14, 2026 - 19:26 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22402
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:57 nvd
HIGH 7.8

DescriptionCVE.org

Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.

AnalysisAI

Microsoft PowerShell privilege escalation affecting Windows 10/11 and Server 2016-2025 allows authenticated local attackers with low privileges to gain SYSTEM-level access through improper input validation (CWE-20). The vulnerability has a CVSS score of 7.8 with low attack complexity and requires no user interaction, enabling straightforward exploitation by any standard user account. No public exploit identified at time of analysis, though the attack vector's simplicity (AV:L/AC:L/PR:L/UI:N) sug

Technical ContextAI

This vulnerability stems from improper input validation (CWE-20) within Microsoft PowerShell's command processing engine. PowerShell is a task automation framework built on .NET that provides administrative scripting capabilities across Windows environments. The input validation flaw allows maliciously crafted commands or parameters to bypass security controls that normally restrict PowerShell operations to the user's privilege context. Given PowerShell's deep integration with Windows system management interfaces and its ability to invoke .NET classes, COM objects, and native Windows APIs, insufficient input sanitization can enable attackers to manipulate execution contexts and escalate from standard user (PR:L) to administrative or SYSTEM privileges. The vulnerability affects PowerShell as shipped with Windows 10 versions 1607/1809/21H2/22H2, Windows 11 versions 22H3/23H2/24H2/25H2/26H1, and Windows Server 2016/2019/2022/2025 including Server Core installations, indicating the flaw exists in core PowerShell runtime components shared across these platforms rather than version-specific features.

RemediationAI

Apply Microsoft's security updates immediately through Windows Update or WSUS to upgrade to patched builds: Windows 10 Version 1607 to build 10.0.14393.9060 or later, Windows 10 Version 1809 to build 10.0.17763.8644 or later, Windows 10 Version 21H2 to build 10.0.19044.7184 or later, Windows 10 Version 22H2 to build 10.0.19045.7184 or later, Windows 11 Version 22H3/23H2 to build 10.0.22631.6936 or later, Windows 11 Version 24H2 to build 10.0.26100.32690 or later, Windows 11 Version 25H2 to build 10.0.26200.8246 or later, Windows 11 Version 26H1 to build 10.0.28000.1836 or later, Windows Server 2016 to build 10.0.14393.9060 or later, Windows Server 2019 to build 10.0.17763.8644 or later, Windows Server 2

Share

EUVD-2026-22402 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy