CVE-2026-26143

Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally...

Improper Validation of Specified Quantity in Input

Overview PowerShell is a package containing the PowerShell global tool Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the IsSafeValueVisitor function when SkipLimitCheck is true and used with Import-PowerShellDataFile. An attacker can...

CVE-2026-26170 PowerShell Elevation of Privilege Vulnerability

...

CVE-2026-26170 PowerShell Elevation of Privilege Vulnerability

...

CVE-2026-26170

CVE-2026-26170 is a PowerShell elevation of privilege vulnerability described as requiring local access with low privileges and no user interaction. CVSS 3.1 base score 7.8 (HIGH) with high impact on confidentiality, integrity, and availability; exploit code maturity is UNPROVEN. The entry notes ...

CVE-2026-26143

The CVE-2026-26143 entry concerns Improper input validation in Microsoft PowerShell that allows a local attacker to bypass a security feature. The advisory set shows affected software as Microsoft PowerShell with a high impact (MITRE-style: Circumvention of security measure) and a high base score...

CVE-2026-26143 Microsoft PowerShell Security Feature Bypass Vulnerability

...

CVE-2026-26143 Microsoft PowerShell Security Feature Bypass Vulnerability

...

Microsoft PowerShell Security Feature Bypass Vulnerability

Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally...

PowerShell Elevation of Privilege Vulnerability

Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally...

April 14, 2026—KB5082123 (OS Build 17763.8644)

April 14, 2026—KB5082123 OS Build 17763.8644 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated ...

PT-2026-32747

Name of the Vulnerable Software and Affected Versions Microsoft PowerShell affected versions not specified Description Improper input validation allows an authorized attacker to elevate privileges locally on the system. Recommendations At the moment, there is no information about a newer version...

PT-2026-32729

Name of the Vulnerable Software and Affected Versions Microsoft PowerShell affected versions not specified Description Improper input validation allows an unauthorized attacker to bypass a security feature locally. Recommendations At the moment, there is no information about a newer version that...

📄 WebRemoteControl Unauthenticated Remote Code Execution

WebRemoteControl suffers from an unauthenticated remote code execution vulnerability. Exploit Title: WebRemoteControl - Unauthenticated Remote Code Execution Date: 2026-04-14 Exploit Author: Chokri Hammedi Vendor Homepage: https://github.com/wolfgangasdf/WebRemoteControl Software Link:...

Microsoft PowerShell 7.4.x < 7.4.14 / 7.5.x < 7.5.5 Security Feature Bypass (April 2026)

The Windows 'Microsoft PowerShell' app installed on the remote host is 7.4.x prior to 7.4.14 or 7.5.x prior to 7.5.5. It is, therefore, affected by a security feature bypass vulnerability: - Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security...

Podman 操作系统命令注入漏洞

Podman is an open-source engine developed by Podman for developing, managing, and running OCI containers on Linux systems. Versions of Podman 4.8.0 to 5.8.1 contain a vulnerability related to operating system command injection. This vulnerability stems from command injection issues in the HyperV...

KLA90982 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. An...

PT-2026-32953

Name of the Vulnerable Software and Affected Versions Podman versions 4.8.0 through 5.8.1 Description A command injection issue exists in the HyperV machine backend within the file pkg/machine/hyperv/stubber.go. The VM image path is inserted into a PowerShell double-quoted string without...

Microsoft PowerShell 输入验证错误漏洞

Microsoft PowerShell is a Microsoft-developed cross-platform task automation solution that includes a command-line shell, scripting language, and configuration management framework. An elevation of privilege vulnerability exists in Microsoft PowerShell, which is caused by incorrect input validati...

Microsoft PowerShell 7.4.x < 7.4.14 / 7.5.x < 7.5.5 Security Feature Bypass (macOS)

The version of Microsoft PowerShell installed on the remote macOS host is 7.4.x prior to 7.4.14 or 7.5.x prior to 7.5.5. It is, therefore, affected by a security feature bypass vulnerability: - Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security...