Description
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9Attack Vector: Local
Complexity: High
Privileges: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Affected Packages14 packages
🔴Vulnerability Details
2CVEListMicrosoft DWM Core Library Elevation of Privilege Vulnerability↗2026-01-13 GHSAGHSA-4f9p-rpf6-78qv: Use after free in Windows DWM allows an authorized attacker to elevate privileges locally↗2026-01-13 📋Vendor Advisories
1MicrosoftMicrosoft DWM Core Library Elevation of Privilege Vulnerability↗2026-01-13 🕵️Threat Intelligence
1WizCVE-2026-20842 Impact, Exploitability, and Mitigation Steps | Wiz↗