Windows Client Side Caching driver csc.sys Privilege Elevation Vulnerability

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Client Side Caching driver csc.sys Privilege Elevation Vulnerability

CVE-2026-26176

Summary

A flaw in the Windows Client Side Caching driver (csc.sys) could allow a hacker with access to the system to gain higher-level access than they normally should have. This could happen if a specific sequence of actions is taken on the system. To protect your system, apply the latest Windows updates as soon as possible.

Original title

Heap-based buffer overflow in Windows Client Side Caching driver (csc.sys) allows an authorized attacker to elevate privileges locally.

Original description

Heap-based buffer overflow in Windows Client Side Caching driver (csc.sys) allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-122 Heap-based Buffer Overflow

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26176

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026