CVE-2026-26155

MEDIUM

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

CVSS v3.1 Score

6.5
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Complexity
LOW
Privileges
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE
Published: 4/14/2026Modified: 4/24/2026

Related Intelligence (1)

CRITICALZero Day

Patch Tuesday - April 2026

Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday . Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely to see future exploitation. So far this month, Microsoft has provided patches to address 80 browser vulnerabilities, which are no

CVE-2026-32201CVE-2026-33825
Rapid7

References (1)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26155Vendor Advisory