CVE-2026-41091: Microsoft Defender Link Following Vulnerability

Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.
CVE-2026-41091CVSS 7.8CISA KEVWindows

CVE-2026-41091: Microsoft Defender Link Following Vulnerability

Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.

CVSS
7.8 HIGH
EPSS
94.29%
Known exploited
yes
Product
Defender

What is known

Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Sources