VDB
msrc_CVE-2026-41091
msrc_CVE-2026-41091
PUBLISHED
CVSS 7.800000190734863 HIGH
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Exploit Intelligence
- 🔥 CVE-2026-41091 SolarFlare | Microsoft Defender LPE exploit. Low-privileged users gain NT AUTHORITY\SYSTEM via Cloud Files API + NTFS junction trickery. Forces Defender to write malicious payloads to System32 with SYSTEM rights. ⚠️ Actively exploited in wild. CVSS 7.8. Patch: Defender Engine 1.1.26040.8. 🛡️ Educational PoC only. (github-poc-repo)
- 🔥 CVE-2026-41091 SolarFlare | Microsoft Defender LPE exploit. Low-privileged users gain NT AUTHORITY\SYSTEM via Cloud Files API + NTFS junction trickery. Forces Defender to write malicious payloads to System32 with SYSTEM rights. ⚠️ Actively exploited in wild. CVSS 7.8. Patch: Defender Engine 1.1.26040.8. 🛡️ Educational PoC only. (github-poc)
- CVE-2026-41091 / CVE-2026-45498 Microsoft Defender vulnerability scanner (github-poc-repo)
- CVE-2026-41091 / CVE-2026-45498 Microsoft Defender vulnerability scanner (github-poc)
- CVE-2026-41091 / CVE-2026-45498 Microsoft Defender vulnerability scanner (github-poc-repo)
- CVE-2026-41091 / CVE-2026-45498 Microsoft Defender vulnerability scanner (github-poc)
- CVE-2026-41091 (github-poc-repo)
- CVE-2026-41091 (github-poc)
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091 (circl)
- https://www.first.org/cvss (circl)
…and 3 more exploits
Timeline
- May 12, 2026 CVE Published
- May 19, 2026 CVE Updated
- May 21, 2026 Security Advisory
- May 21, 2026 Security Advisory