Improper Authentication in Windows SMB Server by Microsoft
CVE-2026-26128

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows 10 Version 1607; Windows 10 Version 1809; Windows 10 Version 21h2; Windows 10 Version 22h2
Vendor: CVE Published:; 10 March 2026

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2026-26128?

A vulnerability in Windows SMB Server allows authorized attackers to exploit improper authentication mechanisms, enabling them to elevate their privileges locally. This weakness can be leveraged to gain unauthorized access and control over sensitive resources within the affected system, presenting significant risks to system integrity and data security.

Affected Version(s)

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.8957

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.8511

Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.7058

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-26128
Created by jarnovandenbrink

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
May 6, 2026
👾
Exploit known to exist
May 6, 2026
Vulnerability published
Mar 10, 2026
Vulnerability Reserved
Feb 11, 2026

CVE-2026-26128 Data

JSON