{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-26178", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-02-11T18:33:57.777Z", "datePublished": "2026-04-14T16:58:03.225Z", "dateUpdated": "2026-05-12T17:38:59.308Z"}, "containers": {"cna": {"title": "Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability", "datePublic": "2026-04-14T14:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionStartIncluding": "10.0.17763.0", "versionEndExcluding": "10.0.17763.8644"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.17763.0", "versionEndExcluding": "10.0.17763.8644"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.17763.0", "versionEndExcluding": "10.0.17763.8644"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.20348.0", "versionEndExcluding": "10.0.20348.5020"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionStartIncluding": "10.0.19044.0", "versionEndExcluding": "10.0.19044.7184"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "10.0.19045.0", "versionEndExcluding": "10.0.19045.7184"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.26100.0", "versionEndExcluding": "10.0.26100.32690"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.26200.0", "versionEndExcluding": "10.0.26200.8246"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.22631.0", "versionEndExcluding": "10.0.22631.6936"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "10.0.22631.0", "versionEndExcluding": "10.0.22631.6936"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.25398.0", "versionEndExcluding": "10.0.25398.2274"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.26100.0", "versionEndExcluding": "10.0.26100.8246"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.26100.0", "versionEndExcluding": "10.0.26100.32690"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionStartIncluding": "10.0.14393.0", "versionEndExcluding": "10.0.14393.9060"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.14393.0", "versionEndExcluding": "10.0.14393.9060"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.14393.0", "versionEndExcluding": "10.0.14393.9060"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 1607", "platforms": ["32-bit Systems", "x64-based Systems"], "versions": [{"version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1809", "platforms": ["32-bit Systems", "x64-based Systems"], "versions": [{"version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 21H2", "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.19044.0", "lessThan": "10.0.19044.7184", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 22H2", "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.19045.0", "lessThan": "10.0.19045.7184", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 version 22H3", "platforms": ["ARM64-based Systems"], "versions": [{"version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 23H2", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 24H2", "platforms": ["ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.26100.0", "lessThan": "10.0.26100.8246", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 25H2", "platforms": ["ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.26200.0", "lessThan": "10.0.26200.8246", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2016", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2016 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2019", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2019 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2022", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.20348.0", "lessThan": "10.0.20348.5020", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.25398.0", "lessThan": "10.0.25398.2274", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2025", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2025 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-681: Incorrect Conversion between Numeric Types", "lang": "en-US", "type": "CWE", "cweId": "CWE-681"}, {"description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE", "cweId": "CWE-190"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-12T17:38:59.308Z"}, "references": [{"name": "Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26178"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-26178"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T03:57:13.006Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-26178", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-14T19:11:44.643411Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:11:45.834Z"}}], "cna": {"title": "Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 1607", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom"}], "platforms": ["32-bit Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1809", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom"}], "platforms": ["32-bit Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 10 Version 21H2", "versions": [{"status": "affected", "version": "10.0.19044.0", "lessThan": "10.0.19044.7184", "versionType": "custom"}], "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 10 Version 22H2", "versions": [{"status": "affected", "version": "10.0.19045.0", "lessThan": "10.0.19045.7184", "versionType": "custom"}], "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 version 22H3", "versions": [{"status": "affected", "version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom"}], "platforms": ["ARM64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 Version 23H2", "versions": [{"status": "affected", "version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 Version 24H2", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.8246", "versionType": "custom"}], "platforms": ["ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 Version 25H2", "versions": [{"status": "affected", "version": "10.0.26200.0", "lessThan": "10.0.26200.8246", "versionType": "custom"}], "platforms": ["ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2016", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2016 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2019", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2019 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2022", "versions": [{"status": "affected", "version": "10.0.20348.0", "lessThan": "10.0.20348.5020", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.25398.0", "lessThan": "10.0.25398.2274", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2025", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2025 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom"}], "platforms": ["x64-based Systems"]}], "datePublic": "2026-04-14T14:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26178", "name": "Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-681", "description": "CWE-681: Incorrect Conversion between Numeric Types"}, {"lang": "en-US", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "vulnerable": true, "versionEndExcluding": "10.0.17763.8644", "versionStartIncluding": "10.0.17763.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.17763.8644", "versionStartIncluding": "10.0.17763.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.17763.8644", "versionStartIncluding": "10.0.17763.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.20348.5020", "versionStartIncluding": "10.0.20348.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "vulnerable": true, "versionEndExcluding": "10.0.19044.7184", "versionStartIncluding": "10.0.19044.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "10.0.19045.7184", "versionStartIncluding": "10.0.19045.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.26100.32690", "versionStartIncluding": "10.0.26100.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.26200.8246", "versionStartIncluding": "10.0.26200.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.22631.6936", "versionStartIncluding": "10.0.22631.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "10.0.22631.6936", "versionStartIncluding": "10.0.22631.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.25398.2274", "versionStartIncluding": "10.0.25398.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.26100.8246", "versionStartIncluding": "10.0.26100.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.26100.32690", "versionStartIncluding": "10.0.26100.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "vulnerable": true, "versionEndExcluding": "10.0.14393.9060", "versionStartIncluding": "10.0.14393.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.14393.9060", "versionStartIncluding": "10.0.14393.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.14393.9060", "versionStartIncluding": "10.0.14393.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-12T17:38:59.308Z"}}}, "cveMetadata": {"cveId": "CVE-2026-26178", "state": "PUBLISHED", "dateUpdated": "2026-05-12T17:38:59.308Z", "dateReserved": "2026-02-11T18:33:57.777Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-04-14T16:58:03.225Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", "matchCriteriaId": "158C16A3-547E-4130-8428-8E429C37E573", "versionEndExcluding": "10.0.14393.9060", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "matchCriteriaId": "58E1A340-D49A-4EBB-A750-876922ACD5CA", "versionEndExcluding": "10.0.14393.9060", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "matchCriteriaId": "64248504-2307-45FC-8FF3-7A227CFD8675", "versionEndExcluding": "10.0.17763.8644", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "matchCriteriaId": "9B1465B1-BDE6-4634-8F12-43F71D68A4D6", "versionEndExcluding": "10.0.17763.8644", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "88A175C4-E033-4FE7-B2BF-8BAE14321BC4", "versionEndExcluding": "10.0.19044.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "86DBF14A-F486-4FE7-9126-D1D54952FC6C", "versionEndExcluding": "10.0.19044.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", "matchCriteriaId": "C375372B-D3D4-4B11-AAD8-69AC344C24BC", "versionEndExcluding": "10.0.19044.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "8CE2E268-E776-4697-9E43-33ABA4CDBE05", "versionEndExcluding": "10.0.19045.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "269B8E88-6473-41DD-BA33-D9184B82CA58", "versionEndExcluding": "10.0.19045.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", "matchCriteriaId": "FCBB431B-EF21-4454-BDA3-D8F276BE7A64", "versionEndExcluding": "10.0.19045.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "B33CE091-B873-4C30-BA05-54A8C1839212", "versionEndExcluding": "10.0.22631.6936", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "E3AF28F3-D486-4B88-9E0E-371241024174", "versionEndExcluding": "10.0.22631.6936", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "94EB36C7-1FF2-4B44-AD91-F3540F09393E", "versionEndExcluding": "10.0.26100.8246", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "14B23C3F-C8AC-491A-BCA5-EB6982C8F9E9", "versionEndExcluding": "10.0.26100.8246", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "361B5DAB-8D1F-45D7-A33C-F49EBA56B5F8", "versionEndExcluding": "10.0.26200.8246", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "ADC6CE99-AB5D-4DD5-82A9-892366C4B2FD", "versionEndExcluding": "10.0.26200.8246", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "matchCriteriaId": "982DB0CA-5196-4E42-B2F7-994BE8179715", "versionEndExcluding": "10.0.14393.9060", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "matchCriteriaId": "647CF9B5-8898-469B-9C09-D372A7843187", "versionEndExcluding": "10.0.17763.8644", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC6837B7-5DFD-4AF7-B436-3C6FEF48BA60", "versionEndExcluding": "10.0.20348.5020", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", "matchCriteriaId": "55A1F3AB-5299-4495-9A73-FDA23C6FD88D", "versionEndExcluding": "10.0.25398.2274", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADF41A14-B9DA-4788-82A8-74DCDCD090E1", "versionEndExcluding": "10.0.26100.32690", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally."}], "id": "CVE-2026-26178", "lastModified": "2026-04-23T18:43:47.610", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Secondary"}]}, "published": "2026-04-14T18:16:53.690", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26178"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}, {"lang": "en", "value": "CWE-681"}], "source": "secure@microsoft.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["32-bit_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.14393.0,10.0.14393.9060)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 1607", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_1607", "vendor": "microsoft"}, {"configurations": [{"platform": ["32-bit_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.17763.0,10.0.17763.8644)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 1809", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_1809", "vendor": "microsoft"}, {"configurations": [{"platform": ["32-bit_systems", "arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.19044.0,10.0.19044.7184)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 21H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_21h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["32-bit_systems", "arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.19045.0,10.0.19045.7184)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 22H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_22h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.22631.0,10.0.22631.6936)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 version 22H3", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_22h3", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.22631.0,10.0.22631.6936)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 Version 23H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_23h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26100.0,10.0.26100.32690)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 Version 24H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_24h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26200.0,10.0.26200.8246)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 Version 25H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_25h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.14393.0,10.0.14393.9060)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2016", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2016", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.14393.0,10.0.14393.9060)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2016 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2016_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.17763.0,10.0.17763.8644)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2019", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2019", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.17763.0,10.0.17763.8644)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2019 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2019_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.20348.0,10.0.20348.5020)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2022", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2022", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.25398.0,10.0.25398.2274)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2022,_23h2_edition_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26100.0,10.0.26100.32690)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2025", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2025", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26100.0,10.0.26100.32690)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2025 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2025_(server_core_installation)", "vendor": "microsoft"}], "analysis": {"en": {"generated_at": "2026-04-14T18:38:09.403100+00:00", "value": {"mitigation_remediation": ["Download and install the latest Windows update that addresses CVE-2026-26178 from the Microsoft Security Update Guide.", "Confirm that the update has been applied by verifying the build number or via the Windows Update status page.", "If immediate patching is not possible, limit the use of graphics-intensive applications that invoke WARP, or disable the WARP component if configuration permits.", "Maintain a regular patching cadence, and monitor for new advisories or hotfixes from Microsoft related to this issue."], "summary": {"action": "Immediate Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Microsoft Windows 10 versions 1607, 1809, 21H2, and 22H2; Microsoft Windows 11 versions 23H2, 24H2, 25H2, and 22H3; Microsoft Windows Server 2016 (including Server Core), 2019 (including Server Core), 2022, 2025, and the 23H2 edition. All these releases include the vulnerable WARP component as listed in the Common Platform Enumeration references.", "description_and_impact": "An integer size truncation flaw exists in the Windows Advanced Rasterization Platform (WARP). This defect can allow an attacker who has local access or can supply crafted data to the rendering engine to obtain elevated privileges on the affected system. The vulnerability stems from incorrect integer handling and type conversion, as reflected in the associated CWE-190 and CWE-681 identifiers. If exploited, the attacker could execute arbitrary code with higher privileges, potentially compromising system integrity and confidentiality.", "risk_and_exploitability": "The CVSS score of 8.8 categorizes this flaw as a high severity issue. While no EPSS score is available and the vulnerability is not listed in CISA\u2019s KEV catalog, the local context of the attack vector means that an adversary must already have some foothold on the host to deliver the exploit payload. Once the local attacker triggers the integer truncation within WARP, administrative privileges can be granted, enabling complete takeover of the system. The lack of a publicly known exploit does not reduce the need for quick remediation, as local privilege escalation opportunities are routinely leveraged by threat actors."}}}}, "created": "2026-04-15T14:45:03.402795+00:00", "updated": "2026-04-15T20:45:06.175376+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$windows_10_1607", "microsoft$PRODUCT$windows_10_1809", "microsoft$PRODUCT$windows_10_21h2", "microsoft$PRODUCT$windows_10_22h2", "microsoft$PRODUCT$windows_11_22h3", "microsoft$PRODUCT$windows_11_23h2", "microsoft$PRODUCT$windows_11_24h2", "microsoft$PRODUCT$windows_11_25h2", "microsoft$PRODUCT$windows_server_2016", "microsoft$PRODUCT$windows_server_2016_(server_core_installation)", "microsoft$PRODUCT$windows_server_2019", "microsoft$PRODUCT$windows_server_2019_(server_core_installation)", "microsoft$PRODUCT$windows_server_2022", "microsoft$PRODUCT$windows_server_2022,_23h2_edition_(server_core_installation)", "microsoft$PRODUCT$windows_server_2025", "microsoft$PRODUCT$windows_server_2025_(server_core_installation)"]}