Windows Boot Loader Allows Local Privilege Escalation

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.7

Windows Boot Loader Allows Local Privilege Escalation

CVE-2026-0390

Summary

An attacker with local access to a Windows system can exploit this issue to gain elevated privileges. This could allow them to install malicious software or access sensitive data. Users should apply the latest patches from Microsoft to mitigate this risk.

Original title

Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.

Original description

Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.

nvd CVSS3.1 6.7

Vulnerability type

CWE-807

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0390

Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026