CVE-2026-20865: Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

high7.8CVSS 3.1

AVLACHPRLUINSCCHIHAH

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

Affected

30 ranges· showing 25

Vendor	Product	Version range	Fixed in
microsoft	windows_10_1809	< 10.0.17763.8276	10.0.17763.8276
microsoft	windows_10_21h2	< 10.0.19044.6809	10.0.19044.6809
microsoft	windows_10_22h2	< 10.0.19045.6809	10.0.19045.6809
microsoft	windows_10_version_1809	>= 10.0.17763.0 < 10.0.17763.8276	10.0.17763.8276
microsoft	windows_10_version_21h2	>= 10.0.19044.0 < 10.0.19044.6809	10.0.19044.6809
microsoft	windows_10_version_22h2	>= 10.0.19045.0 < 10.0.19045.6809	10.0.19045.6809
microsoft	windows_11_23h2	< 10.0.22631.6491	10.0.22631.6491
microsoft	windows_11_24h2	< 10.0.26100.7623	10.0.26100.7623
microsoft	windows_11_25h2	< 10.0.26200.7623	10.0.26200.7623
microsoft	windows_11_version_22h3	>= 10.0.22631.0 < 10.0.22631.6491	10.0.22631.6491
microsoft	windows_11_version_23h2	>= 10.0.22631.0 < 10.0.22631.6491	10.0.22631.6491
microsoft	windows_11_version_24h2	>= 10.0.26100.0 < 10.0.26100.7623	10.0.26100.7623
microsoft	windows_11_version_25h2	>= 10.0.26200.0 < 10.0.26200.7623	10.0.26200.7623
microsoft	windows_server_2019	< 10.0.17763.8276	10.0.17763.8276
microsoft	windows_server_2019	>= 10.0.17763.0 < 10.0.17763.8276	10.0.17763.8276
microsoft	windows_server_2022	< 10.0.20348.4648	10.0.20348.4648
microsoft	windows_server_2022	>= 10.0.20348.0 < 10.0.20348.4648	10.0.20348.4648
microsoft	windows_server_2022_23h2	< 10.0.25398.2092	10.0.25398.2092
microsoft	windows_server_2025	< 10.0.26100.32230	10.0.26100.32230
microsoft	windows_server_2025	>= 10.0.26100.0 < 10.0.26100.32230	10.0.26100.32230
msrc	windows_10_version_1809	—	—
msrc	windows_10_version_21h2	—	—
msrc	windows_10_version_22h2	—	—
msrc	windows_11_version_23h2	—	—
msrc	windows_11_version_24h2	—	—