Elevation of Privileges in Windows Admin Center by Microsoft
CVE-2026-26119

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows Admin Center
Vendor: CVE Published:; 17 February 2026

What is CVE-2026-26119?

An improper authentication vulnerability in Windows Admin Center allows attackers to escalate their privileges over a network. By exploiting this flaw, an authorized user can gain elevated access to system resources, potentially leading to unauthorized activities and compromise of sensitive information. Organizations using Windows Admin Center should implement the recommended security patches to mitigate this risk and protect their systems from potential exploits.

Affected Version(s)

Windows Admin Center 1809.0 < 2.6.4

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2026
Vulnerability Reserved
Feb 11, 2026

CVE-2026-26119 Data

JSON