Windows OLE Privilege Elevation Vulnerability

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows OLE Privilege Elevation Vulnerability

CVE-2026-26162

Summary

An attacker with authorized access to a Windows system can misuse a specific feature to gain higher-level permissions. This puts sensitive data and system settings at risk. To protect your system, apply the latest Windows updates as soon as possible.

Original title

Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges locally.

Original description

Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-843 Type Confusion

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26162

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026