Windows Projected File System Privilege Elevation Local

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Projected File System Privilege Elevation Local

CVE-2026-27927

Summary

An attacker with authorized access can exploit a security flaw in Windows Projected File System, allowing them to gain elevated privileges on their local device. This can lead to unauthorized access and potentially malicious activity. Users should update to the latest version of Windows to address this vulnerability.

Original title

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Original description

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Projected File System allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-362 Race Condition

CWE-416 Use After Free

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27927

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026