CVE-2026-41091

HighCISA KEVActive Exploitation

Published: 20 May 2026

Published

20 May 2026

Modified

20 May 2026

KEV Added

20 May 2026

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score N/A

Risk Priority 36 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-41091 is a high-severity Link Following (CWE-59) vulnerability in Microsoft Malware Protection Engine. Its CVSS base score is 7.8 (High).

Operationally, CISA has added it to the Known Exploited Vulnerabilities catalog.

NVD Description

Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s): CWE-59
KEV Date Added: 20 May 2026

Affected Products

microsoft

malware protection engine

1.1.26030.3008 — 1.1.26040.8

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091
Vendor Advisory · secure@microsoft.com
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-41091
US Government Resource, Third Party Advisory · 134c704f-9b21-4f2e-91b3-4a467353bcc0