26938 matches found
EUVD-2026-29685
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-41097
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-41097
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-41097 Secure Boot Security Feature Bypass Vulnerability
...
CVE-2026-41097 Secure Boot Security Feature Bypass Vulnerability
...
CVE-2026-41097
CVE-2026-41097 describes a local security bypass in Windows Secure Boot caused by reliance on a non-updateable component. An authorized attacker could bypass a security feature locally. The CVE’s metrics show a medium base score (CVSS 3.1: 6.7; Local attack vector; high confidentiality/integrity/...
EUVD-2026-29486
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...
EUVD-2026-29485
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...
CVE-2026-7432
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...
CVE-2026-7431
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...
CVE-2026-7432
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...
CVE-2026-7432
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...
CVE-2026-7432
Ivanti Secure Access Client (before 22.8R6) is affected by two adjacent CVEs identified in the connected documents. CVE-2026-7432 describes a race condition that could allow a locally authenticated user to escalate privileges to SYSTEM. CVE-2026-7431 describes an incorrect permission assignment f...
CVE-2026-7432
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...
CVE-2026-7431
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...
CVE-2026-7431
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...
CVE-2026-7431
Affected product: Ivanti Secure Access Client. Vulnerabilities (pre-22.8R6): 7431 involves an incorrect permission assignment on a critical resource, enabling a local authenticated user to read/modify sensitive log data via write access to a shared memory section. 7432 is a race condition that al...
CVE-2026-7431
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...
May 2026 Security Advisory Ivanti Secure Access Client (CVE-2026-7431, CVE-2026-7432)
Update 22 May: CVE-2026-8992 has been added to Vulnerability Details Summary Ivanti has released updates for the Ivanti Secure Access Client which addresses one medium severity vulnerability and two High severity vulnerabilities. We are not aware of any customers being exploited by these...
May 12, 2026—KB5087471 (Monthly Rollup)
May 12, 2026—KB5087471 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU only a...