Windows Shell Privilege Elevation Vulnerability

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Shell Privilege Elevation Vulnerability

CVE-2026-27918

Summary

A flaw in the Windows Shell's handling of certain tasks can allow an authorized user to gain more access to the system than they should have. This issue affects Windows systems and could be exploited by an attacker with local access to elevate their privileges. To protect your system, make sure you have the latest Windows updates installed and consider implementing additional security measures to prevent unauthorized access.

Original title

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.

Original description

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-362 Race Condition

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27918

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026