Windows Win32K Graphics Component Privilege Escalation Vulnerability

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.0

Windows Win32K Graphics Component Privilege Escalation Vulnerability

CVE-2026-33104

Summary

An attacker on a local network can exploit a weakness in the Windows graphics component to gain elevated access to a system. This could allow the attacker to install malicious software or make unauthorized changes. Windows administrators should apply the latest security updates to prevent exploitation.

Original title

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Original description

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.0

Vulnerability type

CWE-362 Race Condition

CWE-416 Use After Free

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33104

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026