PULSE
LIVE20signals / 24h
FEED
ransomdragonforce reclama a NewNet · SA · Telecommunicationransomqilin reclama a Sicc · IT · Not Foundransomqilin reclama a KLD Labs · US · Technologyransomqilin reclama a Armara · FR · Not Foundransomqilin reclama a AK Preparedness · Business Servicesransomthreeam reclama a tws-tac.net · DE · Not Foundransomincransom reclama a v-silicon.com · TW · Technologyransomincransom reclama a FAST.COM.PH · PH · Technologyransomincransom reclama a D.MAG New Material Technology Co., Ltd. Taiwan Giant · TW · Manufacturingransomincransom reclama a vedan corp · VN · Agriculture and Food Productionransomincransom reclama a reatile.co.za · ZA · Not Foundransomincransom reclama a V&P Nurseries · US · Agriculture and Food Productionransomqilin reclama a Powder River Heating & Air Conditioning · US · Consumer Servicesransomqilin reclama a Droguería Martorani · AR · Consumer Servicesransomdragonforce reclama a NewNet · SA · Telecommunicationransomqilin reclama a Sicc · IT · Not Foundransomqilin reclama a KLD Labs · US · Technologyransomqilin reclama a Armara · FR · Not Foundransomqilin reclama a AK Preparedness · Business Servicesransomthreeam reclama a tws-tac.net · DE · Not Foundransomincransom reclama a v-silicon.com · TW · Technologyransomincransom reclama a FAST.COM.PH · PH · Technologyransomincransom reclama a D.MAG New Material Technology Co., Ltd. Taiwan Giant · TW · Manufacturingransomincransom reclama a vedan corp · VN · Agriculture and Food Productionransomincransom reclama a reatile.co.za · ZA · Not Foundransomincransom reclama a V&P Nurseries · US · Agriculture and Food Productionransomqilin reclama a Powder River Heating & Air Conditioning · US · Consumer Servicesransomqilin reclama a Droguería Martorani · AR · Consumer Services
← All CVEs
CVE WatchJul 15, 2026

CVE-2026-57107

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges locally.

CVSS

7.8

High

EPSS

0.2%

p12

KEV

Exploit Today

4

0-100

Published: Jul 14, 2026 · Last modified: Jul 15, 2026 · CWE-287

EPSS · 30d
0.2%EPSS · 30 days0.2%
2026-07-152026-07-17
Technical description

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges locally.

Official references
Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-468179.8 CRI
60.3%
KEV68Oracle E-Business Suite Improper Privilege Management Vulnerability2d
CVE-2023-278239.8 CRI
98.9%
30An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials.10d
CVE-2022-470039.8 CRI
88.2%
26A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to bypass authentication via a crafted web request.10d
CVE-2026-242947.8 HIG
84.6%
25Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.17d
CVE-2020-288747.5 HIG
81.8%
25reset-password.php in ProjectSend before r1295 allows remote attackers to reset a password because of incorrect business logic. Errors are not properly considered (an invalid token parameter).10d
CVE-2022-233207.5 HIG
73.5%
22XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries. Since the application ships with default administrative credentials, an attacker may authenticate into the application and exfiltrate sensitive information from the database.10d