CVE-2026-42991

{"id": "CVE-2026-42991", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "secure@microsoft.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.1}]}, "published": "2026-06-09T17:17:15.183", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42991", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "secure@microsoft.com", "description": [{"lang": "en", "value": "CWE-362"}, {"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally."}], "lastModified": "2026-06-11T15:43:28.487", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "03A4C97D-FE89-4367-9A0E-E4E65BD49E18", "versionEndExcluding": "10.0.17763.8880"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "FE809AA0-E917-495F-BB11-59215F47E14F", "versionEndExcluding": "10.0.17763.8880"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79", "versionEndExcluding": "10.0.19044.7417"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32", "versionEndExcluding": "10.0.19044.7417"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "911336E9-FAEA-4EB5-96D7-8049AE622C61", "versionEndExcluding": "10.0.19044.7417"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "B8BB8399-35C5-4654-A679-5E105773615B", "versionEndExcluding": "10.0.19045.7417"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "55571EDC-8323-4BAE-B363-113ACEF55CB2", "versionEndExcluding": "10.0.19045.7417"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "D14AC77E-34F3-4704-A068-D9020FF60A8C", "versionEndExcluding": "10.0.19045.7417"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "92508776-88BE-4872-99DB-1F690F71ADEF", "versionEndExcluding": "10.0.22631.7219"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "410079AC-180E-4D7F-B7F6-784E36FEA036", "versionEndExcluding": "10.0.22631.7219"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "32DB4863-6880-40B4-8EC1-9E0F40E81D7F", "versionEndExcluding": "10.0.26100.8655"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "E691C9E5-5271-436D-A7FD-C25BEA4D447D", "versionEndExcluding": "10.0.26100.8655"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "1D3DEE4A-9959-4716-BC39-35660AC22BC4", "versionEndExcluding": "10.0.26200.8655"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "1000C085-A5D7-4027-B9C1-6AE7DA468FB7", "versionEndExcluding": "10.0.26200.8655"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "9C7AD7ED-307B-40B9-B706-45FB178C36D8", "versionEndExcluding": "10.0.28000.2269"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "8967AF79-CAD0-4F87-85A5-95D031C9FEFA", "versionEndExcluding": "10.0.28000.2269"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07C08212-A30E-4434-A17C-542E45D1E272", "versionEndExcluding": "10.0.17763.8880"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27363D97-D4A9-4709-9854-F78F7EBCFB27", "versionEndExcluding": "10.0.20348.5256"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "E127A6E6-C261-4039-8A13-A2FAC4606573", "versionEndExcluding": "10.0.26100.32995"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}