Windows SMB Server Allows Local Privilege Escalation

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows SMB Server Allows Local Privilege Escalation

CVE-2026-26128

Summary

Windows SMB Server has a security issue that allows someone with permission to access the server to gain higher levels of access than they should have. This could potentially give them control of the server. Update the Windows operating system to the latest version to fix this issue.

Original title

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

Original description

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-287 Improper Authentication

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26128

Published: 10 Mar 2026 · Updated: 14 Mar 2026 · First seen: 11 Mar 2026