CVE-2026-32162

High

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

secure@microsoft.com·CWE-349·Published 2026-04-14

CVSS

8.4

EPSS

0.02

KEV

Exploits

cve.orgen

135 chars

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

NVDen

135 chars

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	8.4	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.1	Secondary	NVD	8.4	2.5	5.9