Apr 2026: Windows Kerberos Elevation of Privilege Vulnerability
CVE-2026-27912 Published on April 14, 2026
Windows Kerberos Elevation of Privilege Vulnerability
Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CVE-2026-27912 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2026-27912
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft Windows Server 2012:- Version 6.2.9200.0 and below 6.2.9200.26026 is affected.
- Version 6.2.9200.0 and below 6.2.9200.26026 is affected.
- Version 6.3.9600.0 and below 6.3.9600.23132 is affected.
- Version 6.3.9600.0 and below 6.3.9600.23132 is affected.
- Version 10.0.14393.0 and below 10.0.14393.9060 is affected.
- Version 10.0.14393.0 and below 10.0.14393.9060 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8644 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8644 is affected.
- Version 10.0.20348.0 and below 10.0.20348.5020 is affected.
- Version 10.0.25398.0 and below 10.0.25398.2274 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32690 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32690 is affected.