THREAT OPS › CVEs › CVE-2026-41091
CVE-2026-41091 — Microsoft Defender Link Following Vulnerability
Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.
Vulnerability details
- Affected productsDefender
- KEV remediation due2026-06-03
Exploiting threat actors
- Earth LuscaG1006
Related reporting
- RoguePlanet Zero-Day Fixed in Microsoft Defendersocradar_blog
- 25th May – Threat Intelligence Reportcheckpoint_research
- The June 2026 Security Update Reviewzdi_blog
- [CISA KEV] CVE-2026-41091 — Microsoft Defender: Microsoft Defender Link Following Vulnerabilitycisa_kev
- Microsoft’s June 2026 Patch Tuesday Addresses 198 CVEs ( CVE-2026-49160, CVE-2026-50507)tenable
- June 2026 CVE Landscaperecordedfuture
- 15th June – Threat Intelligence Reportcheckpoint_research
- May 2026 CVE Landscaperecordedfuture