CVE-2025-26648

High

Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally.

secure@microsoft.com·CWE-416·Published 2025-04-08

CVSS

7.8

EPSS

0.00

KEV

Exploits

cve.orgen

129 chars

Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally.

NVDen

129 chars

Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally.

NVDes

171 chars

El almacenamiento de datos confidenciales en una memoria bloqueada incorrectamente en el kernel de Windows permite que un atacante autorizado eleve privilegios localmente.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.1	Secondary	NVD	7.8	1.8	5.9