Windows Storage Spaces Privilege Escalation via Integer Underflow

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Storage Spaces Privilege Escalation via Integer Underflow

CVE-2026-27907

Summary

A flaw in Windows Storage Spaces Controller can allow an authorized user on the same computer to gain elevated privileges. This could potentially allow them to access sensitive data or make system changes. Users should update to the latest version of Windows to address this issue.

Original title

Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

Original description

Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-191

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27907

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026