CYBERHAWK / CVE / CVE-2026-42991

CVE-2026-42991

HIGH CVSS 7.8 other

The flaw

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-42991

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

In the news

Microsoft and Adobe Patch Tuesday, June 2026 Security Update ReviewQualys · 2026-06-11
Zero Day Initiative — The June 2026 Security Update Reviewthezdi.com · 2026-06-09
Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flawsBleepingComputer · 2026-06-09

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits