Windows Sensor Data Service Local Privilege Escalation Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Sensor Data Service Local Privilege Escalation Risk

CVE-2026-26161

Summary

An attacker with authorized access to the Windows Sensor Data Service can potentially gain elevated system privileges on a Windows system. This means they could make changes that a normal user shouldn't be able to make. To protect against this risk, ensure you have the latest updates installed for your Windows system.

Original title

Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.

Original description

Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-20 Improper Input Validation

CWE-822

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26161

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026