VYPR
Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Apr 1, 2026

Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability

CVE-2026-20854

Description

Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network.

Affected products

4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.