CVE-2026-25184

HIGH

Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally.

CVSS v3.1 Score

7.0

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Complexity

HIGH

Privileges

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Published: 4/14/2026Modified: 4/24/2026

Related Intelligence (0)

No articles currently reference this CVE.

References (1)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25184Vendor Advisory