CVE-2026-26151

HIGH

Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network.

CVSS v3.1 Score

7.1
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
LOW
Availability
NONE
Published: 4/14/2026Modified: 5/26/2026

Related Intelligence (0)

No articles currently reference this CVE.

References (3)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26151Vendor Advisoryhttps://www.vicarius.io/vsociety/posts/cve-2026-26151-detection-script-spoofing-vulnerability-affecting-windows-remote-desktophttps://www.vicarius.io/vsociety/posts/cve-2026-26151-mitigation-script-spoofing-vulnerability-affecting-windows-remote-desktop