Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Windows Collaborative Translation Framework CTFMON improper link resolution EoP security flaw (CVE-2026-45586)

Vulnerability
First reported
Last updated
Happening score
H score 20
1 unique sources, 1 articles

Summary

Hide ▲

Windows Collaborative Translation Framework (CTFMON) has a local privilege-escalation vulnerability, CVE-2026-45586, that Microsoft patched in June 2026. An authorized attacker can abuse improper link resolution to gain SYSTEM-level privileges on affected Windows systems. Microsoft says the flaw was publicly disclosed, but it is not known to have been exploited in attacks.

Related Happenings

CCB urgent patch warning for CVE-2026-41089 on Windows servers

Public Sector Action
First: 01.06.2026 15:30 Last: 01.06.2026 15:30 Sources 1

About this happening: Belgium's **CCB** warned that **CVE-2026-41089** is being **actively exploited in the wild**, urging admins to **immediately patch** vulnerable **Windows servers** because the fla...

Open Happening

CISA orders FCEB remediation for CVE-2025-60710

Public Sector Action
First: 15.04.2026 17:51 Last: 15.04.2026 17:51 Sources 1

About this happening: CISA added **CVE-2025-60710** to its **actively exploited** catalog and gave **FCEB agencies** **two weeks** to secure systems under **BOD 22-01**. The move targets a **Windows Ta...

Open Happening

Timeline

  1. 09.06.2026 20:57 2 articles · 2h ago

    Microsoft patches CVE-2026-45586 in Windows Collaborative Translation Framework

    Mitigation Patch Update

    Microsoft's June 2026 Patch Tuesday includes a fix for CVE-2026-45586, a publicly disclosed elevation-of-privilege flaw in Windows Collaborative Translation Framework (CTFMON). Improper link resolution before file access ('link following') can let an authorized attacker elevate privileges locally to SYSTEM on affected Windows systems.

    Show sources
    Open in new tab