High severity7.0NVD Advisory· Published May 12, 2026· Updated May 14, 2026
CVE-2026-34342
CVE-2026-34342
Description
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34342nvdVendor Advisory
News mentions
3- Patch Tuesday - May 2026Rapid7 Blog · May 13, 2026
- Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-daysBleepingComputer · May 12, 2026
- ZDI-26-310: Microsoft Windows splwow64 Race Condition Local Privilege Escalation VulnerabilityZero Day Initiative · May 12, 2026