Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Mar 10, 2026· Updated Apr 14, 2026

Push message Routing Service Elevation of Privilege Vulnerability

CVE-2026-24282

Description

Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose information locally.

Affected products

9

Microsoft/Windows 10 Version 1607v5
Range: 10.0.14393.0
Microsoft/Windows 10 Version 1809v5
Range: 10.0.17763.0
Microsoft/Windows 10 Version 21H2v5
Range: 10.0.19044.0
Microsoft/Windows 10 Version 22H2v5
Range: 10.0.19045.0
Microsoft/Windows 11 version 22H3v5
Range: 10.0.22631.0
Microsoft/Windows 11 Version 23H2v5
Range: 10.0.22631.0
Microsoft/Windows 11 Version 24H2v5
Range: 10.0.26100.0
Microsoft/Windows 11 Version 25H2v5
Range: 10.0.26200.0
Microsoft/Windows 11 version 26H1v5
Range: 10.0.28000.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24282mitrevendor-advisorypatch

News mentions

0

No linked articles in our index yet.