CVE-2026-35417
High
Published: 12 May 2026
Published
12 May 2026
Modified
12 May 2026
KEV Added
—
Patch
—
CVSS Score
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
N/A
Risk Priority
16
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2026-35417 is a high-severity Type Confusion (CWE-843) vulnerability. Its CVSS base score is 7.8 (High).
Operationally, it is not currently listed in the CISA KEV catalog.
NVD Description
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Deeper analysisAI
Automated synthesis unavailable for this CVE.
Details
- CWE(s)