CVE-2026-49176
Improper privilege management in Windows WalletService allows an authorized attacker to elevate privileges locally.
CVSS
7.8
High
EPSS
0.2%
p16
KEV
—
Exploit Today
5
0-100
Published: Jul 14, 2026 · Last modified: Jul 15, 2026 · CWE-59 · CWE-269
0.2%EPSS · 30 days0.2%
2026-07-152026-07-19
Improper privilege management in Windows WalletService allows an authorized attacker to elevate privileges locally.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-468179.8 CRI60.3%
KEV—68Oracle E-Business Suite Improper Privilege Management Vulnerability4dCVE-2022-250899.8 CRI96.9%
——29Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData.11dCVE-2026-506567.8 HIG87.5%
——26Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ".11dCVE-2026-503437.8 HIG83.2%
——25Improper privilege management in Microsoft Install Service allows an authorized attacker to elevate privileges locally.4dCVE-2022-262517.2 HIG75.4%
——23The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.11dCVE-2026-3407810.0 CRI74.4%
——22Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox. This gives apps access to all host files and can be used as a primitive to gain code execution in the host context. This vulnerability is fixed in 1.16.4.5d