CVE-2026-26178

High

Published: 14 April 2026

Published

14 April 2026

Modified

23 April 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score 0.0016 37.1th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly addresses the CVE by requiring timely identification, reporting, and remediation of the integer truncation flaw in WARP through vendor patches.

AC-6 Least Privilege partial match

prevent

Mitigates privilege escalation impact by ensuring WARP and related processes operate with least privileges necessary, limiting unauthorized access post-exploitation.

SI-16 Memory Protection partial match

prevent

Implements memory protections such as non-executable memory and address randomization to hinder exploitation of the integer truncation vulnerability for code execution and privilege escalation.

Security SummaryAI

CVE-2026-26178 is an integer size truncation vulnerability (CWE-190, CWE-681) in the Windows Advanced Rasterization Platform (WARP), a component of Microsoft Windows. Published on 2026-04-14, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact.

An unauthorized attacker can exploit this flaw locally to elevate privileges. The attack requires user interaction and no prior privileges, with a network attack vector enabling low-complexity exploitation that achieves high confidentiality, integrity, and availability impacts through privilege escalation.

Microsoft's Security Response Center (MSRC) provides an update guide for CVE-2026-26178 at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26178, outlining mitigation and patching details.

Details

CWE(s): CWE-190 CWE-681

Affected Products

microsoft

windows 10 1607

≤ 10.0.14393.9060 · ≤ 10.0.14393.9060

microsoft

windows 10 1809

≤ 10.0.17763.8644 · ≤ 10.0.17763.8644

microsoft

windows 10 21h2

≤ 10.0.19044.7184 · ≤ 10.0.19044.7184 · ≤ 10.0.19044.7184

microsoft

windows 10 22h2

≤ 10.0.19045.7184 · ≤ 10.0.19045.7184 · ≤ 10.0.19045.7184

microsoft

windows 11 23h2

≤ 10.0.22631.6936 · ≤ 10.0.22631.6936

microsoft

windows 11 24h2

≤ 10.0.26100.8246 · ≤ 10.0.26100.8246

microsoft

windows 11 25h2

≤ 10.0.26200.8246 · ≤ 10.0.26200.8246

microsoft

windows server 2016

≤ 10.0.14393.9060

microsoft

windows server 2019

≤ 10.0.17763.8644

microsoft

windows server 2022

≤ 10.0.20348.5020

+2 more product configuration(s) — see NVD for full list

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

Why these techniques?

The CVE describes an integer truncation vulnerability in Windows WARP exploited locally by an unauthorized attacker (PR:N) requiring user interaction to elevate privileges, directly enabling T1068: Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26178
Vendor Advisory · secure@microsoft.com