CVE-2026-33825

Known Exploited (CISA KEV)HIGH

8.1

CVSS Severity Score

EPSS Score31.6360%

EPSS Percentile90.51th

PublishedApr 22, 2026

Last ModifiedJun 12, 2026

Vulnerability Description

Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.

Affected Platforms (CPE)

📦

Microsoft

Defender

Refer to description

References & Advisories

🔗 https://nvd.nist.gov/vuln/detail/CVE-2026-33825

Related Vulnerabilities

CVE-2021-4231110.0

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVE-2021-4231310.0

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVE-2026-454989.8

Microsoft Defender is vulnerable to Microsoft Defender Denial of Service Vulnerability. Apply mitigations per vendor instructions,...

CVE-2007-42909.8

Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code vi...