Apr 2026: Windows Admin Center Spoofing Vulnerability
CVE-2026-32196 Published on April 14, 2026
Windows Admin Center Spoofing Vulnerability
Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network.
Weakness Type
What is a XSS Vulnerability?
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CVE-2026-32196 has been classified to as a XSS vulnerability or weakness.
Products Associated with CVE-2026-32196
Want to know whenever a new CVE is published for Microsoft Windows Admin Center? stack.watch will email you.
Affected Versions
Microsoft Windows Admin Center:- Version 1809.0 and below 2.6.5.16 is affected.