CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2026-21643 CVSS score: 9.1 - An SQL injection...

VulnCheck KEV: CVE-2025-60710

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

CVE-2026-20941

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

CVE-2026-20941

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

CVE-2026-20941

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

CVE-2026-20941 Host Process for Windows Tasks Elevation of Privilege Vulnerability

...

CVE-2026-20941 Host Process for Windows Tasks Elevation of Privilege Vulnerability

...

CVE-2026-20941

CVE-2026-20941 describes an elevation-of-privilege in the Windows Host Process for Windows Tasks caused by improper link resolution before file access (link following). The issue is local and affects Windows client/server platforms as scoped by the January 2026 updates. Microsoft lists fixes in K...

Host Process for Windows Tasks Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

PT-2026-2743

Name of the Vulnerable Software and Affected Versions Host Process for Windows Tasks affected versions not specified Description An issue with how links are handled before accessing files 'link following' in Host Process for Windows Tasks can allow a local attacker with authorization to gain high...

TaskHound - Windows Privileged Scheduled Task Discovery Tool

TaskHound is a tool that hunts for Windows scheduled tasks that run with privileged accounts and stored credentials. It enumerates tasks over SMB, parses XMLs, and identifies high-value attack opportunities through BloodHound support...

CVE-2025-60710

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

CVE-2025-60710

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

CVE-2025-60710 Host Process for Windows Tasks Elevation of Privilege Vulnerability

...

EUVD-2025-93436

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

CVE-2025-60710 Host Process for Windows Tasks Elevation of Privilege Vulnerability

...

CVE-2025-60710

CVE-2025-60710 is a local privilege-escalation flaw in Host Process for Windows Tasks caused by improper link resolution before file access. Connected MS advisories indicate fixes are included in the December 2025 Windows updates (KB5072033) for Windows 11 (25H2/24H2) and related servicing stacks...

Host Process for Windows Tasks Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

PT-2025-46473

Name of the Vulnerable Software and Affected Versions Windows versions affected versions not specified Description An issue exists that allows for local privilege escalation. The problem stems from improper link resolution before file access 'link following' within the Host Process for Windows...

Microsoft Windows 后置链接漏洞

Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. A backlink vulnerability exists in Microsoft Windows Host Process for Windows Tasks. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are...