Apr 2026: Windows Active Directory Remote Code Execution Vulnerability
CVE-2026-33826 Published on April 14, 2026
Windows Active Directory Remote Code Execution Vulnerability
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2026-33826
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft Windows Server 2012 R2:- Version 6.3.9600.0 and below 6.3.9600.23132 is affected.
- Version 6.3.9600.0 and below 6.3.9600.23132 is affected.
- Version 10.0.14393.0 and below 10.0.14393.9060 is affected.
- Version 10.0.14393.0 and below 10.0.14393.9060 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8644 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8644 is affected.
- Version 10.0.20348.0 and below 10.0.20348.5020 is affected.
- Version 10.0.25398.0 and below 10.0.25398.2274 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32690 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32690 is affected.