Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft Windows Admin Center patch for CVE-2026-26119

Security Patch Release
First reported
Last updated
Happening score
H score 30
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft shipped Windows Admin Center version 2511 to patch CVE-2026-26119, closing an improper authentication flaw that could let an authorized attacker elevate privileges over a network. The fix matters because the issue carried a CVSS 8.8/10.0 rating and affected a locally deployed management tool used to administer Windows Clients, Servers, and Clusters. Microsoft said the vulnerability had not been seen exploited in the wild, but it was still tagged "Exploitation More Likely". The patch was credited to version 2511 released in December 2025, with a public advisory following on February 17, 2026.

Related Happenings

Microsoft releases RoguePlanet Defender security update for CVE-2026-50656

Security Patch Release
H score32 First: 17.06.2026 20:36 Last: 17.06.2026 20:36 Sources 1

About this happening: **Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...

Latest development: 09.07.2026 11:48

Microsoft released security updates for CVE-2026-50656, remediating the RoguePlanet privilege-escalation flaw in Microsoft Malware Protection Engine (mpengine.dll) with version 1.1.26060.3008 and additional defense-in-depth updates. Microsoft said no customer action is required to install the update.

Microsoft hit by cyberattack

Incident
H score68 First: 09.06.2026 18:42 Last: 09.06.2026 18:42 Sources 1

About this happening: A **Microsoft** GitHub repository removal incident in **June 2026** disrupted **continuous integration pipelines** and briefly broke **Azure/functions-action** workflows used by d...

CCB urgent patch warning for CVE-2026-41089 on Windows servers

Public Sector Action
H score48 First: 01.06.2026 15:30 Last: 01.06.2026 15:30 Sources 1

About this happening: Belgium's **CCB** warned that **CVE-2026-41089** is being **actively exploited in the wild**, urging admins to **immediately patch** vulnerable **Windows servers** because the fla...

Microsoft security patch release for CVE-2026-45659

Security Patch Release
H score23 First: 26.05.2026 14:49 Last: 26.05.2026 14:49 Sources 1

About this happening: Microsoft released **SharePoint** updates for **CVE-2026-45659**, a **remote code execution** flaw that could let an authenticated attacker run code over the network without eleva...

Azure Backup for AKS Trusted Access permission tightening

Security Patch Release
H score8 First: 16.05.2026 23:55 Last: 16.05.2026 23:55 Sources 1

About this happening: **Microsoft** appears to have silently tightened **Azure Backup for AKS**, closing a **Trusted Access** authorization path that could let a low-privileged role reach **cluster-adm...

Timeline

  1. 17.02.2026 02:00 2 articles · 4mo ago

    Microsoft discloses CVE-2026-26119 in Windows Admin Center

    Initial Disclosure

    Microsoft disclosed a now-patched Windows Admin Center privilege-escalation flaw, CVE-2026-26119, in an advisory released on February 17, 2026. The high-severity issue carried a CVSS 8.8/10.0 rating and stemmed from improper authentication that could let an authorized attacker elevate privileges over a network and gain the rights of the user running the affected application; Microsoft said the flaw was patched in Windows Admin Center version 2511 released in December 2025 and credited Semperis researcher Andrea Pierini with discovering and reporting it.

    Show sources