HIGHVulnerability
Verified
Global

NVD HIGH: CVE-2026-33834 — Improper access control in Windows Event Logging Service allows an authorized at...

·Source: NIST NVD

Updated:

Executive Summary

Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.

Analysis

Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally. CVSS Score: 7.8. Published: 2026-05-12T18:17:05.293.

Indicators of Compromise (1)

CVE (1)
CVE-2026-33834
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on May 12, 2026. Verified by: NIST.

Related Threats

CRITICALVulnerability

NVD CRITICAL: CVE-2026-45230 — DumbAssets through 1.0.11 contains a path traversal vulnerability in the POST /a...

DumbAssets through 1.0.11 contains a path traversal vulnerability in the POST /api/delete-file endpoint and filesToDelete array parameters that allows unauthenticated attackers to delete arbitrary files by supplying ../ sequences that bypass directory boundary validation. Attackers can exploit the optional and disabled-by-default authentication control to traverse outside the intended application

CVE-2026-45230
NIST NVD
CRITICALVulnerability

NVD CRITICAL: CVE-2026-42822 — Improper authentication in Azure Local Disconnected Operations allows an unautho...

Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-42822
NIST NVD
MEDIUMVulnerability

Grafana refuses to pay ransom after codebase theft

On Saturday night, the company released a statement confirming the incident and outlining their decision not to pay a ransom issued by the hackers behind the attack.

The Record