THREATOPS
THREAT OPSCVEs › CVE-2026-41091

CVE-2026-41091 — Microsoft Defender Link Following Vulnerability

CISA KEVExploited: confirmedMicrosoft

Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.

Vulnerability details

Exploiting threat actors

Related reporting