May 2026: Windows Admin Center Elevation of Privilege Vulnerability
CVE-2026-35438 Published on May 12, 2026

Windows Admin Center Elevation of Privilege Vulnerability
Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

Vendor Advisory NVD

Weakness Type

What is an AuthZ Vulnerability?

The software does not perform an authorization check when an actor attempts to access a resource or perform an action.

CVE-2026-35438 has been classified to as an AuthZ vulnerability or weakness.

Products Associated with CVE-2026-35438

Want to know whenever a new CVE is published for Microsoft Windows Admin Center? stack.watch will email you.

Microsoft Windows Admin Center

Affected Versions

Microsoft Windows Admin Center:

Version 1809.0 and below 2.6.5.16 is affected.

May 2026: Windows Admin Center Elevation of Privilege VulnerabilityCVE-2026-35438 Published on May 12, 2026

Weakness Type

What is an AuthZ Vulnerability?

Products Associated with CVE-2026-35438

Affected Versions

May 2026: Windows Admin Center Elevation of Privilege Vulnerability
CVE-2026-35438 Published on May 12, 2026