CVE-2026-26119

Name of the Vulnerable Software and Affected Versions Windows Admin Center versions prior to 2511 Description An improper authentication issue exists in Windows Admin Center, potentially allowing an authorized attacker to elevate privileges on a network. The vulnerability, identified as CVE-2026-26119, has a CVSS score of 8.8 (High severity). An attacker with low-level access credentials could exploit this flaw to gain the rights of the user running the application, potentially leading to broad administrative control and even domain compromise under certain conditions. The vulnerability stems from flawed session handling or token validation. While there are no reports of active exploitation, Microsoft rates the vulnerability as having a “high likelihood of exploitation”. Recommendations Update Windows Admin Center to version 2511 or later.