Unauthorized access to Windows Remote Desktop Licensing Service

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Unauthorized access to Windows Remote Desktop Licensing Service

CVE-2026-26159

Summary

An attacker with access to the Windows Remote Desktop Licensing Service can potentially gain elevated local privileges. This is a concern because it could allow an attacker to make unauthorized changes to the system. To address this, update your Windows system with the latest security patches as soon as possible.

Original title

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

Original description

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-306 Missing Authentication for Critical Function

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26159

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026