Microsoft PowerShell: Bypass Local Security Feature

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Microsoft PowerShell: Bypass Local Security Feature

CVE-2026-26143

Summary

An attacker can bypass a security feature on a local system by sending special input to PowerShell. This means an attacker could potentially access restricted areas of the system without proper authorization. To mitigate this risk, update to the latest version of PowerShell or apply a patch.

Original title

Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.

Original description

Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-20 Improper Input Validation

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26143

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026