Apr 2026: Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability
CVE-2026-26183 Published on April 14, 2026
Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability
Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally.
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2026-26183 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2026-26183
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft Windows Server 2012:- Version 6.2.9200.0 and below 6.2.9200.26026 is affected.
- Version 6.2.9200.0 and below 6.2.9200.26026 is affected.
- Version 6.3.9600.0 and below 6.3.9600.23132 is affected.
- Version 6.3.9600.0 and below 6.3.9600.23132 is affected.
- Version 10.0.14393.0 and below 10.0.14393.9060 is affected.
- Version 10.0.14393.0 and below 10.0.14393.9060 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8644 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8644 is affected.
- Version 10.0.20348.0 and below 10.0.20348.5020 is affected.
- Version 10.0.25398.0 and below 10.0.25398.2274 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32690 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32690 is affected.