6 matches found
CVE-2026-21223
Improper privilege management in Microsoft Edge Chromium-based allows an authorized attacker to bypass a security feature locally...
EUVD-2026-3111
Microsoft Edge Elevation Service exposes a privileged COM interface that inadequately validates the privileges of the calling process. A standard non‑administrator local user can invoke the IElevatorEdge interface method LaunchUpdateCmdElevatedAndWait, causing the service to execute privileged...
CVE-2026-21223
Improper privilege management in Microsoft Edge Chromium-based allows an authorized attacker to bypass a security feature locally...
CVE-2026-21223
Improper privilege management in Microsoft Edge Chromium-based allows an authorized attacker to bypass a security feature locally...
PT-2026-3326
Name of the Vulnerable Software and Affected Versions Microsoft Edge affected versions not specified Description The Microsoft Edge Elevation Service has a design flaw where a privileged COM interface does not properly check the permissions of the process making the request. A standard local user...
Attackers Actively Target Windows Installer Zero-Day
Attackers are actively exploiting a Windows Installer zero-day vulnerability that was discovered when a patch Microsoft issued for another security hole inadequately fixed the original and unrelated problem. Over the weekend, security researcher Abdelhamid Naceri discovered a Windows Installer...