CVE-2026-41088
High
Published: 12 May 2026
Published
12 May 2026
Modified
12 May 2026
KEV Added
—
Patch
—
CVSS Score
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
N/A
Risk Priority
16
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2026-41088 is a high-severity External Control of File Name or Path (CWE-73) vulnerability. Its CVSS base score is 7.8 (High).
Operationally, it is not currently listed in the CISA KEV catalog.
Threat & Defense Details
Likely Mitigating ControlsAI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
addresses: CWE-73
Rejects externally supplied file or resource identifiers that fail validity checks.
NVD Description
External control of file name or path in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Deeper analysisAI
Automated synthesis unavailable for this CVE.
Details
- CWE(s)