CVE-2026-47648
HIGHDescription
Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| microsoft | windows_10_1607 |
| microsoft | windows_10_1607 |
| microsoft | windows_10_1809 |
| microsoft | windows_10_1809 |
| microsoft | windows_10_21h2 |
| microsoft | windows_10_21h2 |
| microsoft | windows_10_21h2 |
| microsoft | windows_10_22h2 |
| microsoft | windows_10_22h2 |
| microsoft | windows_10_22h2 |
| microsoft | windows_11_23h2 |
| microsoft | windows_11_23h2 |
| microsoft | windows_11_24h2 |
| microsoft | windows_11_24h2 |
| microsoft | windows_11_25h2 |
| microsoft | windows_11_25h2 |
| microsoft | windows_11_26h1 |
| microsoft | windows_11_26h1 |
| microsoft | windows_server_2012 |
| microsoft | windows_server_2012 |
| microsoft | windows_server_2016 |
| microsoft | windows_server_2019 |
| microsoft | windows_server_2022 |
| microsoft | windows_server_2025 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2026-47648? +
How severe is CVE-2026-47648? +
What products are affected by CVE-2026-47648? +
How do I check if I'm vulnerable to CVE-2026-47648? +
Related Vulnerabilities
There is a defect in the CPython standard library module “mimetypes” where on Windows the default list of known file …
Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 …
Broadcom Automic Automation Agent Unix versions < 24.3.0 HF4 and < 21.0.13 HF1 allow low privileged users who have execution …
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user …
In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2.35.0.6 where it attempts to …
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM),Quality Center allows Code Inclusion. The vulnerability allows a user to …