~/cve/CVE-2026-27912

pipeline liveDigest Docs

CVE-2026-27912

published 2026-04-14

CVE-2026-27912: Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.

high8CVSS 3.1

AVAACLPRLUINSUCHIHAH

Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.

Affected

12 ranges

Vendor	Product	Version range	Fixed in
microsoft	windows_server_2012	—	—
microsoft	windows_server_2012	>= 6.2.9200.0 < 6.2.9200.26026	6.2.9200.26026
microsoft	windows_server_2012_r2	>= 6.3.9600.0 < 6.3.9600.23132	6.3.9600.23132
microsoft	windows_server_2016	< 10.0.14393.9060	10.0.14393.9060
microsoft	windows_server_2016	>= 10.0.14393.0 < 10.0.14393.9060	10.0.14393.9060
microsoft	windows_server_2019	< 10.0.17763.8644	10.0.17763.8644
microsoft	windows_server_2019	>= 10.0.17763.0 < 10.0.17763.8644	10.0.17763.8644
microsoft	windows_server_2022	< 10.0.20348.5020	10.0.20348.5020
microsoft	windows_server_2022	>= 10.0.20348.0 < 10.0.20348.5020	10.0.20348.5020
microsoft	windows_server_2022_23h2	< 10.0.25398.2274	10.0.25398.2274
microsoft	windows_server_2025	< 10.0.26100.32690	10.0.26100.32690
microsoft	windows_server_2025	>= 10.0.26100.0 < 10.0.26100.32690	10.0.26100.32690