Windows Speech Brokered API Privilege Elevation Vulnerability

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Speech Brokered API Privilege Elevation Vulnerability

CVE-2026-32090

Summary

An attacker with authorized access can exploit a flaw in the Windows Speech Brokered API to gain elevated privileges on a local system. This could lead to unauthorized access to sensitive data or system modifications. To protect your system, ensure the Windows Speech Brokered API is up to date with the latest security patches.

Original title

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

Original description

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-362 Race Condition

CWE-416 Use After Free

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32090

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026