It’s time once again for Patch Tuesday, and this one is huge. We’ve also got multiple exploits in the wild, which adds another layer of urgency to this month’s release. Take a break from your regularly scheduled activities, and let’s take a look at the latest security patches from Adobe and Microsoft. If you’d rather watch the full video recap covering the entire release, you can check it out here:

Adobe Patches for April 2026

For April, Adobe released 12 bulletins addressing 61 unique CVEs in Adobe Acrobat Reader, InDesign, InCopy, FrameMaker, Connect, ColdFusion, Bridge, Photoshop, Illustrator, Experience Manager Screens, and the Adobe DNG SDK. Three of the Cold Fusion bugs came through the TrendAI ZDI program. For this month, I’m introducing an Adobe table as well. I’d love to get your feedback on whether this is helpful.

Bulletin ID	Product	CVE Count	Highest Severity	Highest CVSS	Exploited	Deployment Priority
APSB26-43	Adobe Acrobat Reader	1	Critical	8.6	Yes	1
APSB26-44	Adobe Acrobat Reader	2	Critical	8.6	No	2
APSB26-32	Adobe InDesign	9	Critical	7.8	No	3
APSB26-33	Adobe InCopy	2	Critical	7.8	No	3
APSB26-36	Adobe FrameMaker	11	Critical	8.6	No	3
APSB26-37	Adobe Connect	9	Critical	9.6	No	3
APSB26-38	Adobe ColdFusion	7	Critical	9.3	No	1
APSB26-39	Adobe Bridge	6	Critical	7.8	No	3
APSB26-40	Adobe Photoshop	1	Critical	7.8	No	3
APSB26-42	Adobe Illustrator	1	Critical	7.8	No	3
APSB26-34	Adobe Experience Manager Screens	9	Important	5.4	No	3
APSB26-41	Adobe DNG SDK	3	Important	5.5	No	3

Obviously, the active attack in Reader is the highest priority for this month, but don’t ignore the second bunch of Reader patches. Cold Fusion also gets a deployment priority of 1, so if you’re still running that platform, make sure you get the update. Otherwise, the FrameMaker and Connect patches fix 11 and nine bugs, respectively. InDesign and Experience Manager Screens also have nine CVEs addressed.

Outside of the Reader bug, none of the other bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release. One of the Reader bugs and Cold Fusion have a deployment priority of one, the other Reader bug has a priority of two, while all of the other updates released by Adobe this month are listed as deployment priority 3.

Microsoft Patches for April 2026

This month, Microsoft released a monstrous 163 new CVEs in Windows and Windows components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, .NET and Visual Studio, SQL Server, Hyper-V Server, BitLocker, and the Windows Wallet Service. Counting the third-party and a huge Chromium release, it brings the total number of CVEs to a staggering 247 updates. Six of these bugs were reported through the TrendAI ZDI program. Eight of these bugs are rated Critical, two are rated as Moderate, and the rest are rated Important in severity.

By my count, this is the second-largest monthly release in Microsoft’s history. There are many things we could speculate on to justify the size, but if Microsoft is like the other programs out there (including ours), they are likely seeing a rise in submissions found by AI tools. For us, our incoming rate has essentially tripled, making triage a challenge, to say the least. Whatever the reason, we have a lot of bugs to deal with this month. I should also point out that the Pwn2Own Berlin occurs next month, and it’s typical for vendors to patch as much as they can before the event.

There is one Microsoft bug listed as under active attack at the time of release, and one other that’s publicly known. Let’s take a closer look at some of the more interesting updates for this month, starting with the vulnerability being exploited in the wild:

-    CVE-2026-32201 - Microsoft SharePoint Server Spoofing Vulnerability
Microsoft doesn’t provide a lot of information about this bug, but Spoofing bugs in SharePoint often manifest as cross-site scripting (XSS) bugs. They do note that attackers could view information or make changes to disclosed information. As always, they don’t provide any information on how widespread these attacks are, but I wouldn’t wait to test and deploy this fix – especially if you have internet-connected SharePoint servers.

-    CVE-2026-33825 - Microsoft Defender Elevation of Privilege Vulnerability
This bug is listed as publicly known, and this time, we know exactly where it was disclosed. There have been some questions about how exploitable this bug may be, but it does look like it’s a real problem – just with some reliability issues in its current state. I won’t add on to the commentary from the researcher about working with Microsoft. I’m just glad they are offering a fix for the vulnerability. If you rely on Defender, test and deploy this one quickly.

-   CVE-2026-33827 - Windows TCP/IP Remote Code Execution Vulnerability
This vulnerability allows remote, unauthenticated attackers to exploit code on affected systems without user interaction. That adds up to a wormable bug – at least on systems with IPv6 and IPSec enabled. It is a race condition, which sets exploitability to High on the CVSS scale, but we see race conditions exploited at Pwn2Own all the time, so don’t rely on that obstacle. If you’re running IPv6, I would test and deploy this fix quickly before public exploits become available.

-    CVE-2026-33824 - Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability
Speaking of wormable bugs, here’s our second one this month. By the title, we can tell that systems with IKE enabled are affected, but that leaves plenty of targets for attackers. Microsoft also notes a significant mitigation for this bug. Blocking UDP ports 500 and 4500 at the perimeter prevents external attackers from reaching the affected service. However, insiders could still target this for lateral movement within an enterprise. For enterprises using IKE, get this fix tested and deployed with haste.

Here’s the full list of CVEs released by Microsoft for April 2026:

CVE	Title	Severity	CVSS	Public	Exploited	Type
CVE-2026-32201	Microsoft SharePoint Server Spoofing Vulnerability	Important	6.5	No	Yes	Spoofing
CVE-2026-5281 *	Chromium: CVE-2026-5281 Use after free in Dawn	High	N/A	No	Yes	RCE
CVE-2026-33825	Microsoft Defender Elevation of Privilege Vulnerability	Important	7.8	Yes	No	EoP
CVE-2026-23666	.NET Framework Denial of Service Vulnerability	Critical	7.5	No	No	DoS
CVE-2026-32190	Microsoft Office Remote Code Execution Vulnerability	Critical	8.4	No	No	RCE
CVE-2026-33114	Microsoft Word Remote Code Execution Vulnerability	Critical	8.4	No	No	RCE
CVE-2026-33115	Microsoft Word Remote Code Execution Vulnerability	Critical	8.4	No	No	RCE
CVE-2026-32157	Remote Desktop Client Remote Code Execution Vulnerability	Critical	8.8	No	No	RCE
CVE-2026-33826	Windows Active Directory Remote Code Execution Vulnerability	Critical	8	No	No	RCE
CVE-2026-33824	Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability	Critical	9.8	No	No	RCE
CVE-2026-33827	Windows TCP/IP Remote Code Execution Vulnerability	Critical	8.1	No	No	RCE
CVE-2026-26171	.NET Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2026-32226	.NET Framework Denial of Service Vulnerability	Important	5.9	No	No	DoS
CVE-2026-32178	.NET Spoofing Vulnerability	Important	7.5	No	No	Spoofing
CVE-2026-32203	.NET and Visual Studio Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2026-33116	.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2023-20585 *	AMD: CVE-2023-20585 IOMMU Write Buffer Vulnerability	Important	5.3	No	No	RCE
CVE-2026-32072	Active Directory Spoofing Vulnerability	Important	6.2	No	No	Spoofing
CVE-2026-25184	Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32171	Azure Logic Apps Elevation of Privilege Vulnerability	Important	8.8	No	No	EoP
CVE-2026-32168	Azure Monitor Agent Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32192	Azure Monitor Agent Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32181	Connected User Experiences and Telemetry Service Denial of Service Vulnerability	Important	5.5	No	No	DoS
CVE-2026-27924	Desktop Window Manager Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32152	Desktop Window Manager Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32154	Desktop Window Manager Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-27923	Desktop Window Manager Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32155	Desktop Window Manager Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-23653	GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability	Important	5.7	No	No	Info
CVE-2026-23653 *	GitHub: CVE-2026-32631 'git clone' from manipulated repositories can leak NTLM hashes	Important	7.4	No	No	Info
CVE-2026-33096	HTTP.sys Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2026-25250 *	MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix	Important	6	No	No	SFB
CVE-2026-26181	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32219	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32091	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important	8.4	No	No	EoP
CVE-2026-26152	Microsoft Cryptographic Services Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-33103	Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-32188	Microsoft Excel Information Disclosure Vulnerability	Important	7.1	No	No	Info
CVE-2026-32189	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-32197	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-32198	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-32199	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-32184	Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26155	Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability	Important	6.5	No	No	Info
CVE-2026-27914	Microsoft Management Console Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26149	Microsoft Power Apps Security Feature Bypass	Important	9	No	No	SFB
CVE-2026-32200	Microsoft PowerPoint Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-26143	Microsoft PowerShell Security Feature Bypass Vulnerability	Important	7.8	No	No	SFB
CVE-2026-33120 †	Microsoft SQL Server Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-20945	Microsoft SharePoint Server Spoofing Vulnerability	Important	4.6	No	No	Spoofing
CVE-2026-33822	Microsoft Word Information Disclosure Vulnerability	Important	6.1	No	No	Info
CVE-2026-33095	Microsoft Word Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-23657	Microsoft Word Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-32081	Package Catalog Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-26170	PowerShell Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26183	Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26160	Remote Desktop Licensing Service Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26159	Remote Desktop Licensing Service Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26151	Remote Desktop Spoofing Vulnerability	Important	7.1	No	No	Spoofing
CVE-2026-32085	Remote Procedure Call Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-32167	SQL Server Elevation of Privilege Vulnerability	Important	6.7	No	No	EoP
CVE-2026-32176	SQL Server Elevation of Privilege Vulnerability	Important	6.7	No	No	EoP
CVE-2026-0390	UEFI Secure Boot Security Feature Bypass Vulnerability	Important	6.7	No	No	SFB
CVE-2026-32220	UEFI Secure Boot Security Feature Bypass Vulnerability	Important	4.4	No	No	SFB
CVE-2026-32212	Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-32214	Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-32079	Web Account Manager Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-33104	Win32k Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32196	Windows Admin Center Spoofing Vulnerability	Important	6.1	No	No	Spoofing
CVE-2026-26178	Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability	Important	8.8	No	No	EoP
CVE-2026-32073	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-26168	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26173	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-26177	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-26182	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-27922	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-33099	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-33100	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32088	Windows Biometric Service Security Feature Bypass Vulnerability	Important	6.1	No	No	SFB
CVE-2026-27913	Windows BitLocker Security Feature Bypass Vulnerability	Important	7.7	No	No	SFB
CVE-2026-26175	Windows Boot Manager Security Feature Bypass Vulnerability	Important	4.6	No	No	SFB
CVE-2026-32162	Windows COM Elevation of Privilege Vulnerability	Important	8.4	No	No	EoP
CVE-2026-20806	Windows COM Server Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-26176	Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-27926	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32070	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-33098	Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26153	Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32087	Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32093	Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32086	Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32150	Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-27931	Windows GDI Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-27930	Windows GDI Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-32221	Windows Graphics Component Remote Code Execution Vulnerability	Important	8.4	No	No	RCE
CVE-2026-27906	Windows Hello Security Feature Bypass Vulnerability	Important	4.4	No	No	SFB
CVE-2026-27928	Windows Hello Security Feature Bypass Vulnerability	Important	8.7	No	No	SFB
CVE-2026-26156	Windows Hyper-V Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-32149	Windows Hyper-V Remote Code Execution Vulnerability	Important	7.3	No	No	RCE
CVE-2026-27910	Windows Installer Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-27912	Windows Kerberos Elevation of Privilege Vulnerability	Important	8	No	No	EoP
CVE-2026-26179	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26180	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32195	Windows Kernel Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-26163	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32215	Windows Kernel Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-32217	Windows Kernel Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-32218	Windows Kernel Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-26169	Windows Kernel Memory Information Disclosure Vulnerability	Important	6.1	No	No	Info
CVE-2026-27929	Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32071	Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2026-20930	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26162	Windows OLE Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-33101	Windows Print Spooler Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32084	Windows Print Spooler Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-27927	Windows Projected File System Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26184	Windows Projected File System Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32069	Windows Projected File System Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32074	Windows Projected File System Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32078	Windows Projected File System Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26167	Windows Push Notifications Elevation of Privilege Vulnerability	Important	8.8	No	No	EoP
CVE-2026-32158	Windows Push Notifications Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32159	Windows Push Notifications Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32160	Windows Push Notifications Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26172	Windows Push Notifications Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20928	Windows Recovery Environment Security Feature Bypass Vulnerability	Important	4.6	No	No	SFB
CVE-2026-32216	Windows Redirected Drive Buffering System Denial of Service Vulnerability	Important	5.5	No	No	DoS
CVE-2026-27909	Windows Search Service Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26161	Windows Sensor Data Service Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26174	Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32224	Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-26154	Windows Server Update Service (WSUS) Tampering Vulnerability	Important	7.5	No	No	Tampering
CVE-2026-26165	Windows Shell Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-26166	Windows Shell Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-27918	Windows Shell Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32151	Windows Shell Information Disclosure Vulnerability	Important	6.5	No	No	Info
CVE-2026-32225	Windows Shell Security Feature Bypass Vulnerability	Important	8.8	No	No	SFB
CVE-2026-32202	Windows Shell Spoofing Vulnerability	Important	4.3	No	No	Spoofing
CVE-2026-32082	Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32083	Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32068	Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32183	Windows Snipping Tool Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-32089	Windows Speech Brokered Api Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32090	Windows Speech Brokered Api Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32153	Windows Speech Runtime Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-27907	Windows Storage Spaces Controller Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32076	Windows Storage Spaces Controller Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-27908	Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-27921	Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-27915	Windows UPnP Device Host Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-27919	Windows UPnP Device Host Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32075	Windows UPnP Device Host Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-27916	Windows UPnP Device Host Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-27920	Windows UPnP Device Host Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32077	Windows UPnP Device Host Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-27925	Windows UPnP Device Host Information Disclosure Vulnerability	Important	6.5	No	No	Info
CVE-2026-32156	Windows UPnP Device Host Remote Code Execution Vulnerability	Important	7.4	No	No	RCE
CVE-2026-32223	Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability	Important	6.8	No	No	EoP
CVE-2026-32165	Windows User Interface Core Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-27911	Windows User Interface Core Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32163	Windows User Interface Core Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-32164	Windows User Interface Core Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-23670	Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability	Important	5.7	No	No	SFB
CVE-2026-27917	Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32080	Windows WalletService Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-32222	Windows Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21637 *	HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error Handlers	Moderate	7.5	No	No	SFB
CVE-2026-33119	Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability	Moderate	5.4	No	No	Spoofing
CVE-2026-33829	Windows Snipping Tool Spoofing Vulnerability	Moderate	4.3	No	No	Spoofing
CVE-2026-5858 *	Chromium: CVE-2026-5858 Heap buffer overflow in WebML	Critical	N/A	No	No	RCE
CVE-2026-5859 *	Chromium: CVE-2026-5859 Integer overflow in WebML	Critical	N/A	No	No	RCE
CVE-2026-5272 *	Chromium: CVE-2026-5272 Heap buffer overflow in GPU	High	N/A	No	No	RCE
CVE-2026-5273 *	Chromium: CVE-2026-5273 Use after free in CSS	High	N/A	No	No	RCE
CVE-2026-5274 *	Chromium: CVE-2026-5274 Integer overflow in Codecs	High	N/A	No	No	RCE
CVE-2026-5275 *	Chromium: CVE-2026-5275 Heap buffer overflow in ANGLE	High	N/A	No	No	RCE
CVE-2026-5276 *	Chromium: CVE-2026-5276 Insufficient policy enforcement in WebUSB	High	N/A	No	No	SFB
CVE-2026-5277 *	Chromium: CVE-2026-5277 Integer overflow in ANGLE	High	N/A	No	No	RCE
CVE-2026-5279 *	Chromium: CVE-2026-5279 Object corruption in V8	High	N/A	No	No	RCE
CVE-2026-5280 *	Chromium: CVE-2026-5280 Use after free in WebCodecs	High	N/A	No	No	RCE
CVE-2026-5283 *	Chromium: CVE-2026-5283 Inappropriate implementation in ANGLE	High	N/A	No	No	SFB
CVE-2026-5284 *	Chromium: CVE-2026-5284 Use after free in Dawn	High	N/A	No	No	RCE
CVE-2026-5285 *	Chromium: CVE-2026-5285 Use after free in WebGL	High	N/A	No	No	RCE
CVE-2026-5286 *	Chromium: CVE-2026-5286 Use after free in Dawn	High	N/A	No	No	RCE
CVE-2026-5287 *	Chromium: CVE-2026-5287 Use after free in PDF	High	N/A	No	No	RCE
CVE-2026-5289 *	Chromium: CVE-2026-5289 Use after free in Navigation	High	N/A	No	No	RCE
CVE-2026-5290 *	Chromium: CVE-2026-5290 Use after free in Compositing	High	N/A	No	No	RCE
CVE-2026-5860 *	Chromium: CVE-2026-5860 Use after free in WebRTC	High	N/A	No	No	RCE
CVE-2026-5861 *	Chromium: CVE-2026-5861 Use after free in V8	High	N/A	No	No	RCE
CVE-2026-5862 *	Chromium: CVE-2026-5862 Inappropriate implementation in V8	High	N/A	No	No	SFB
CVE-2026-5863 *	Chromium: CVE-2026-5863 Inappropriate implementation in V8	High	N/A	No	No	SFB
CVE-2026-5864 *	Chromium: CVE-2026-5864 Heap buffer overflow in WebAudio	High	N/A	No	No	RCE
CVE-2026-5865 *	Chromium: CVE-2026-5865 Type Confusion in V8	High	N/A	No	No	RCE
CVE-2026-5866 *	Chromium: CVE-2026-5866 Use after free in Media	High	N/A	No	No	RCE
CVE-2026-5867 *	Chromium: CVE-2026-5867 Heap buffer overflow in WebML	High	N/A	No	No	RCE
CVE-2026-5868 *	Chromium: CVE-2026-5868 Heap buffer overflow in ANGLE	High	N/A	No	No	RCE
CVE-2026-5869 *	Chromium: CVE-2026-5869 Heap buffer overflow in WebML	High	N/A	No	No	RCE
CVE-2026-5870 *	Chromium: CVE-2026-5870 Integer overflow in Skia	High	N/A	No	No	RCE
CVE-2026-5871 *	Chromium: CVE-2026-5871 Type Confusion in V8	High	N/A	No	No	RCE
CVE-2026-5872 *	Chromium: CVE-2026-5872 Use after free in Blink	High	N/A	No	No	RCE
CVE-2026-5873 *	Chromium: CVE-2026-5873 Out of bounds read and write in V8	High	N/A	No	No	RCE
CVE-2026-5291 *	Chromium: CVE-2026-5291 Inappropriate implementation in WebGL	Medium	N/A	No	No	SFB
CVE-2026-5292 *	Chromium: CVE-2026-5292 Out of bounds read in WebCodecs	Medium	N/A	No	No	Info
CVE-2026-5874 *	Chromium: CVE-2026-5874 Use after free in PrivateAI	Medium	N/A	No	No	RCE
CVE-2026-5875 *	Chromium: CVE-2026-5875 Policy bypass in Blink	Medium	N/A	No	No	SFB
CVE-2026-5876 *	Chromium: CVE-2026-5876 Side-channel information leakage in Navigation	Medium	N/A	No	No	Info
CVE-2026-5877 *	Chromium: CVE-2026-5877 Use after free in Navigation	Medium	N/A	No	No	RCE
CVE-2026-5878 *	Chromium: CVE-2026-5878 Incorrect security UI in Blink	Medium	N/A	No	No	Spoofing
CVE-2026-5879 *	Chromium: CVE-2026-5879 Insufficient validation of untrusted input in ANGLE	Medium	N/A	No	No	SFB
CVE-2026-5880 *	Chromium: CVE-2026-5880 Incorrect security UI in browser UI	Medium	N/A	No	No	Spoofing
CVE-2026-5881 *	Chromium: CVE-2026-5881 Policy bypass in LocalNetworkAccess	Medium	N/A	No	No	SFB
CVE-2026-5882 *	Chromium: CVE-2026-5882 Incorrect security UI in Fullscreen	Medium	N/A	No	No	Spoofing
CVE-2026-5883 *	Chromium: CVE-2026-5883 Use after free in Media	Medium	N/A	No	No	RCE
CVE-2026-5884 *	Chromium: CVE-2026-5884 Insufficient validation of untrusted input in Media	Medium	N/A	No	No	SFB
CVE-2026-5885 *	Chromium: CVE-2026-5885 Insufficient validation of untrusted input in WebML	Medium	N/A	No	No	SFB
CVE-2026-5886 *	Chromium: CVE-2026-5886 Out of bounds read in WebAudio	Medium	N/A	No	No	Info
CVE-2026-5887 *	Chromium: CVE-2026-5887 Insufficient validation of untrusted input in Downloads	Medium	N/A	No	No	SFB
CVE-2026-5888 *	Chromium: CVE-2026-5888 Uninitialized Use in WebCodecs	Medium	N/A	No	No	RCE
CVE-2026-5889 *	Chromium: CVE-2026-5889 Cryptographic Flaw in PDFium	Medium	N/A	No	No	SFB
CVE-2026-5890 *	Chromium: CVE-2026-5890 Race in WebCodecs	Medium	N/A	No	No	RCE
CVE-2026-5891 *	Chromium: CVE-2026-5891 Insufficient policy enforcement in browser UI	Medium	N/A	No	No	SFB
CVE-2026-5892 *	Chromium: CVE-2026-5892 Insufficient policy enforcement in PWAs	Medium	N/A	No	No	SFB
CVE-2026-5893 *	Chromium: CVE-2026-5893 Race in V8	Medium	N/A	No	No	RCE
CVE-2026-5894 *	Chromium: CVE-2026-5894 Inappropriate implementation in PDF	Low	N/A	No	No	SFB
CVE-2026-5895 *	Chromium: CVE-2026-5895 Incorrect security UI in Omnibox	Low	N/A	No	No	Spoofing
CVE-2026-5896 *	Chromium: CVE-2026-5896 Policy bypass in Audio	Low	N/A	No	No	SFB
CVE-2026-5897 *	Chromium: CVE-2026-5897 Incorrect security UI in Downloads	Low	N/A	No	No	Spoofing
CVE-2026-5898 *	Chromium: CVE-2026-5898 Incorrect security UI in Omnibox	Low	N/A	No	No	Spoofing
CVE-2026-5899 *	Chromium: CVE-2026-5899 Incorrect security UI in History Navigation	Low	N/A	No	No	Spoofing
CVE-2026-5900 *	Chromium: CVE-2026-5900 Policy bypass in Downloads	Low	N/A	No	No	SFB
CVE-2026-5901 *	Chromium: CVE-2026-5901 Policy bypass in DevTools	Low	N/A	No	No	SFB
CVE-2026-5902 *	Chromium: CVE-2026-5902 Race in Media	Low	N/A	No	No	RCE
CVE-2026-5903 *	Chromium: CVE-2026-5903 Policy bypass in IFrameSandbox	Low	N/A	No	No	SFB
CVE-2026-5904 *	Chromium: CVE-2026-5904 Use after free in V8	Low	N/A	No	No	RCE
CVE-2026-5905 *	Chromium: CVE-2026-5905 Incorrect security UI in Permissions	Low	N/A	No	No	Spoofing
CVE-2026-5906 *	Chromium: CVE-2026-5906 Incorrect security UI in Omnibox	Low	N/A	No	No	Spoofing
CVE-2026-5907 *	Chromium: CVE-2026-5907 Insufficient data validation in Media	Low	N/A	No	No	SFB
CVE-2026-5908 *	Chromium: CVE-2026-5908 Integer overflow in Media	Low	N/A	No	No	RCE
CVE-2026-5909 *	Chromium: CVE-2026-5909 Integer overflow in Media	Low	N/A	No	No	RCE
CVE-2026-5910 *	Chromium: CVE-2026-5910 Integer overflow in Media	Low	N/A	No	No	RCE
CVE-2026-5911 *	Chromium: CVE-2026-5911 Policy bypass in ServiceWorkers	Low	N/A	No	No	SFB
CVE-2026-5912 *	Chromium: CVE-2026-5912 Integer overflow in WebRTC	Low	N/A	No	No	RCE
CVE-2026-5913 *	Chromium: CVE-2026-5913 Out of bounds read in Blink	Low	N/A	No	No	Info
CVE-2026-5914 *	Chromium: CVE-2026-5914 Type Confusion in CSS	Low	N/A	No	No	RCE
CVE-2026-5915 *	Chromium: CVE-2026-5915 Insufficient validation of untrusted input in WebML	Low	N/A	No	No	SFB
CVE-2026-5918 *	Chromium: CVE-2026-5918 Inappropriate implementation in Navigation	Low	N/A	No	No	SFB
CVE-2026-5919 *	Chromium: CVE-2026-5919 Insufficient validation of untrusted input in WebSockets	Low	N/A	No	No	SFB
CVE-2026-33118	Microsoft Edge (Chromium-based) Spoofing Vulnerability	Low	4.3	No	No	Spoofing

* Indicates this CVE had been released by a third party and is now being included in Microsoft releases.

† Indicates further administrative actions are required to fully address the vulnerability.

 

Looking at the other Critical-rated bugs in this month’s release, there are three Office-related bugs where the Preview Pane is once again listed as an exploit vector. I would still like to have a full-proof way of disabling the Preview Pane, but I don’t see that as an option. There’s a bug in the RDP client, but that involves connecting to a malicious RDP server. The bug in Active Directory requires authentication and a network adjacent attacker. The final Critical-rated bug is an interesting DoS in .NET Framework. An unauthenticated attacker could deny service over a network – presumably crippling any affected app made in .NET. You rarely see Critical-rated DoS bugs, but this one deserves the moniker.

Moving on to the other code execution bugs, you have quite a few open-and-own bugs in Office components, most notably Excel, where the Preview Pane is not an attack vector. The bug in SQL Server requires authentication, and as usual, additional steps are needed to ensure you have the correct update to remediate this vulnerability. The two bugs in Hyper-V almost reads like a privilege escalation since it allows unauthorized attackers to execute code locally. That’s the same for the bugs in the Windows Snipping Tool and the UPnP Device host.

More than half of this release addresses Elevation of Privilege (EoP) bugs. However, most simply lead to local attackers executing their code at SYSTEM-level privileges or administrative privileges, so there’s not much to add without further technical details about the bugs themselves. The bugs in SQL Server could allow an attacker to gain SQL sysadmin privileges. One of the kernel bugs simply states an attacker could “elevate privileges locally”. How obtuse. That’s similar for the bug in afd.sys and Desktop Windows Manager, but Microsoft also states that these bugs could crash an affected system. There are several bugs that result in a sandbox escape, including Windows Push Notifications, AFD for Winsock, Management Services, and User Interface Core. Of these, CVE-2026-26167 (Push Notifications) is the most notable — it's the only one with low attack complexity, meaning no race condition needed. The rest all require winning a race condition (AC:H). The bugs in UPnP are interesting as they allow attackers to gain access to a limited set of administrator-protected objects. Not a full escalation but definitely getting access to resources they shouldn’t. The vulnerability in the Brokering File System allows attackers to gain the level of the logged on user, so don’t do your normal activities as a user with admin privileges. The bug in Azure Monitor Agent leads to root-level access.

There are a dozen different security features bypass bugs in the April release. Some of these are obvious by the title alone. For example, the bugs in Windows Hello bypass safety features within the Hello app itself. The bug in the Biometric Service allows attackers to bypass biometric protections. The vulns in BitLocker and Secure Boot bypass protections in those components. The bug in Power Apps allows attackers to bypass a security warning dialog and trick targets into triggering an external protocol call that performs unintended actions on the user’s device. The bug in Windows Shell allows attackers to bypass Mark of the Web (MotW) protections. The bug in PowerShell could almost be described as a code execution bug as exploiting it bypasses dynamic-expression security checks, which could result in code execution. The vulnerability in the Windows Recovery Environment allows local attackers to bypass BitLocker device encryption. Finally, the bug in Virtualization‑Based Security (VBS) is the most interesting of the bunch – and not just because VBS is a (relatively) new feature. The problem allows attackers to manipulate allow a compromised Windows kernel to modify memory belonging to the secure kernel, breaking the intended isolation guarantees provided by VBS. Somewhat of a sandbox escape, but this time, you’re escaping from Virtual Trust Level 0 (VTL0) to Virtual Trust Level 1 (VTL1). Neat.

Moving on to the Information Disclosure bugs fixed this month, we have 20 different CVEs. Fortunately, most of these simply result in info leaks consisting of unspecified memory contents or memory addresses. While useful in crafting exploits, they aren’t exactly exciting on their own. There are also several bugs that disclose addresses from an object a contained in a sandboxed execution environment. This includes bugs in the Print Spooler, Package Catalog, and Web Account Manager. The bug in Dynamics 365 discloses the ever ineffable “sensitive information”. There are three different info disclosure bugs in UPnP. Two allow an attacker to read from the file system, while the third discloses anything available to the LOCAL SERVICE account. The final info disclosure bug resides in Copilot and Visual Studio and allows attackers to disclose the contents of the Model Context Protocol (MCP) when using Copilot. There are those who think MCP is dead (thanks to agentic AI agents), but if you’re using a custom MCP, I doubt you would want it leaked.

The April release contains just a handful of Spoofing bugs. Some, like the bugs in .NET, Active Directory, and Windows Shell, just say that they allow spoofing over a network. Others, like the bug in Windows Snipping Tool, say similar but also note that it could be used to relay NTLMv2 hashes. The patch for RDP notes that there are new warning dialogs coming this month. The bug in the Windows Admin Center would allow an attacker to interact with other tenant’s applications and content. Finally, the spoofing bug in SharePoint is another XSS issue.

There are eight DoS bugs in the April release, but as always, Microsoft provides no actionable information about the vulnerabilities. Microsoft does offer a mitigation for the http.sys bug that can be applied while you test and deploy the patch, but I would rely on the patch rather than the mitigation. Another exception is the bug for Connected User Experiences and Telemetry Service, which allows attackers to deny service locally rather than over the network.

The final(!) bug in the April release is a Tampering bug in WSUS that reads like a DoS. According to Microsoft, “An attacker can send specially crafted packets which could affect availability of the service and result in Denial of Service (DoS).” But sure – let’s call it Tampering.

No new advisories are being released this month.

Looking Ahead

I will be in Berlin for the next Patch Tuesday, which will be May 12, and I’ll provide my full thoughts then on what will hopefully be a smaller release than this one. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!

If you just want to read the contest rules, click here.

 

Willkommen zurück, meine Damen und Herren, zu unserem zweiten Wettbewerb in Berlin! That’s correct (if Google translate didn’t steer me wrong). After our inaugural competition last year, Pwn2Own returns to Berlin and OffensiveCon. Outside of our shipping troubles, we had an amazing time and can’t wait to get back.

Last year, we added Artificial Intelligence as a category with great results. This year, we’re expanding this and splitting it into multiple different categories: AI Databases, Coding Agents, Local Inferences, and a separate category for NVIDIA products. In last year’s contest, NVIDIA targets had wins, losses, and collisions, so it will be interesting to see how they fare this year. The folks from AWS wanted to get into the fray as well, so they stepped up to co-sponsor this year’s event, which allows us to increase the reward for bugs in Firecracker. Of course, we have all of the returning categories as well, including web browsers, containers, servers, virtualization, and operating systems. There’s more than $1,000,000 in cash and prizes available for contestants. Last year, we awarded $1,078,750 for 28 unique 0-days over the three-day event. We’ll see if we can eclipse those numbers in 2026.

The contest begins on May 14, but registration closes on May 7, so don’t delay in getting those submissions in. We’re hoping for maximum participation, so set aside your vibe coding and show us what you can really do. We’re looking forward to some cutting-edge exploitation on display. For 2026, we have a total of 31 targets across 10 categories. Here is a full list of the categories for this year’s event:  

-- Virtualization
-- Web Browser
-- Enterprise Applications
-- Servers
-- Local Escalation of Privilege
-- Containers
-- AI Database
-- Coding Agents
-- Local Inference
-- NVIDIA

Of course, no Pwn2Own competition would be complete without us crowning a Master of Pwn (Meister von Pwn?). Since the order of the contest is decided by a random draw, contestants with an unlucky draw could still demonstrate fantastic research but receive less money since subsequent rounds go down in value. However, the points awarded for each unique, successful entry do not go down. Someone could have a bad draw and still accumulate the most points. The person or team with the most points at the end of the contest will be crowned Master of Pwn, receive 65,000 ZDI reward points (enough for Platinum status), a killer trophy, and a pretty snazzy jacket to boot.

Let's look at the details of the rules for this year's event.

Virtualization Category

Some of the highlights for each contest can be found in the Virtualization Category, and we’re thrilled to see what this year’s event could bring with it. As usual, VMware is the main highlight of this category as we’ll have VMware ESXi return with an award of $150,000. Last year produced the first ESXi exploits in Pwn2Own history, so it will be interesting to see if we get more. Microsoft also returns as a target and leads the virtualization category with a $250,000 award for a successful Hyper-V Client guest-to-host escalation. Kernel-based Virtual Machine (KVM) is our final target in this category with a prize of $50,000.

There’s an add-on bonus in this category as well. If a contestant can escape the guest OS, then gain arbitrary code execution on the virtualization target and obtain arbitrary code execution in the guest operating system on a separate virtual machine managed by the same targeted virtualization target, they’ll earn another $50,000. That could push the payout on a ESXi bug to $200,000. This bonus is for KVM and ESXi only. Here’s a detailed look at the targets and available payouts in the Virtualization category:

Back to top

Web Browser Category

While browsers are the “traditional” Pwn2Own target, we’re continuously tweaking the targets in this category to ensure they remain relevant. We re-introduced renderer-only exploits a couple of years ago, and this year, we’ve increased the award to $75,000. In fact, we’ve increased the awards across the board for this category. Here’s a detailed look at the targets and available payouts:

Back to top

Enterprise Applications Category

Enterprise applications return as targets with Adobe Reader and various Office components on the target list once again. Attempts in this category must be launched from the target under test. For example, launching the target under test from the command line is not allowed. Prizes in this category run from $50,000 for a Reader exploit with a sandbox escape or a Reader exploit with a kernel privilege escalation, and $150,000 for an Office 365 application. Word, Excel, and PowerPoint are all valid targets. Microsoft Office-based targets will have Protected View enabled where applicable. Adobe Reader will have Protected Mode enabled where applicable.

This year, we’re adding a bonus for Copilot data exfiltration and Copilot action execution. Microsoft just patched a bug like this in Excel, so we know they are out there. If you’re able to exploit Copilot in addition to a Microsoft application, you’ll earn an additional $50,000. There are quite a few rules and scenarios around this add-on, so be sure to read the rules carefully and contact us with questions. Here’s a detailed view of the targets and payouts in the Enterprise Application category:

Back to top

The Server Category

The Server Category for 2026 focuses solely on the server components we’re most interested in. These servers are often targeted by everyone from ransomware crews to nation/state actors, so we know there are exploits out there for them. The only question is whether we’ll see any of the competitors bring one of those exploits to Pwn2Own. Last year, the bugs demonstrated in SharePoint ended up being exploited in the wild, so we know people are looking for these with great interest. Microsoft Exchange has been a popular target for some time, and it returns as a target this year as well, with a payout of $200,000. This category is rounded out by Microsoft Windows RDP/RDS, which also has a payout of $200,000. Here’s a detailed look at the targets and payouts in the Server category:

Back to top

Local Escalation of Privilege Category

This category is a classic for Pwn2Own and focuses on attacks that originate from a standard user and result in executing code as a high-privileged user. A successful entry in this category must leverage a kernel vulnerability to escalate privileges. Red Hat Enterprise Linux for Workstations returns as our Linux-based target, while Apple macOS, and Microsoft Windows 11 return as targets in this category. Prior exploits in this category have won Pwnie awards, so they’re always interesting to see. Here’s a detailed look at the targets and payouts in this category:

Back to top

The Container Category

We’re excited to have this category return for its third season, and we’re hopeful that even more contestants will target one of these container targets. For an attempt to be ruled a success against these three, the exploit must be launched from within the guest container/microVM and execute arbitrary code on the host operating system. Again, with help from AWS, Firecracker returns as a target with a prize of $100,000. Here are the targets and payouts for this category:

Back to top

AI Database Category

In the past, AI Hackathons have focused on using AI to develop vulnerabilities or other offensive frameworks. We’re opening up the models and various components themselves for exploitation. The first AI sub-category focuses on databases. An attempt in this category must be launched from the contestant’s laptop. Here’s a look at the targets and awards in the AI Database category:

Back to top

The Coding Agent Category

Let’s face it. At some point or another, we’ve probably all vibe coded something. There’s no shame in that, but how secure are the tools we use for vibe coding? Well, let’s take the most popular choices and find out. A successful entry must interact with a contestant-controlled resource (e.g. web page, repository, media file) to exploit a vulnerability within the coding agent. The attack vector of the entry must be a common coding agent use case. There are few things out of scope here as well. UI spoofing or misrepresentation unrelated to permission prompts, model jailbreaks or prompt outputs that do not cross security boundaries, and vulnerabilities that require unsafe or permission-less modes are just a few of the things not allowed. As this is a new category, please read the rules carefully to ensure your entry qualifies. Here’s a look at the targets and awards in the AI Coding Agent category:

Back to top

The Local Inference Category

We couldn’t leave local inference and LLMs out of Pwn2Own. These products claim to provide enhanced data privacy, zero-cost inference, lower latency, and fully offline functionality. We’ll see how the security stacks up. An attempt in this category must be launched from the contestant’s laptop within the contest network. Here are the targets and payouts for the Local Inference category:

Back to top

The NVIDIA Category

Our last AI sub-category focuses solely on NVIDIA products. For network accessible targets, an attempt must be launched from the contestant's laptop within the contest network. For NV Container Toolkit, the attempt must be launched from within a crafted container image and execute arbitrary code on the host operating system. For Megatron Bridge, entries that leverage vulnerabilities pertaining to pickle deserialization or that leverage a vulnerability when “trust_remote_code=true” are out of scope. Here are the targets and payouts for the NVIDIA category:

Back to top

Conclusion

The complete rules for Pwn2Own Berlin 2026 are found here. As always, we highly encourage entrants to read the rules thoroughly if they choose to participate. If you are thinking about participating but have specific configuration or rule-related questions, email us. Questions asked over X (nee Twitter), BlueSky, or other means will not be answered. Registration is required to ensure we have sufficient resources on hand at the event. Please contact ZDI at pwn2own@trendmicro.com to begin the registration process. Registration for onsite participation closes at 5 p.m. Central European Time on May 7, 2026.

Be sure to stay tuned to this blog and follow us on Twitter, Mastodon, LinkedIn, or Bluesky for the latest information and updates about the contest. We look forward to seeing everyone in Germany, and we hope to see some of the best in the world show what they can do – vibe coded or not.

With special thanks to our Pwn2Own Berlin 2026 partners AWS, for providing their expertise and technology.

© 2026 Trend Micro Incorporated. All rights reserved. PWN2OWN, ZERO DAY INITIATIVE, ZDI, ZERO DAY INITIATIVE, TrendAI, and Trend Micro are trademarks or registered trademarks of Trend Micro Incorporated. All other trademarks and trade names are the property of their respective owners.

I am back in the friendly confines of the Mid-South headquarters of TrendAI ZDI (a.k.a. my home office), and am all set for the third patch Tuesday of 2026. Take a break from your regularly scheduled activities and let’s take a look at the latest security patches from Adobe and Microsoft.If you’d rather watch the full video recap covering the entire release, you can check it out here:

Adobe Patches for March 2026

For March, Adobe released eight bulletins addressing 80 unique CVEs in Adobe Acrobat Reader, Commerce, Illustrator, Substance 3D Painter, Premier Pro, Experience Manager, Substance 3D Stager, and the Adobe DNG Software Development Kit (SDK). Two of these bugs were submitted through the TrendAI ZDI program. If you need to prioritize, the update for Acrobat likely has the most impact, with the patch fixing two Critical-rated and one Important bugs. The fix for Experience Manager is the largest this month with 33 CVEs addressed. However, these are simple cross-site scripting (XSS) bugs, so it’s not too exciting. The fix for Commerce is also quite large with 19 CVEs. Most of these are also XSS bugs, but there’s a few security feature bypass bugs in there, too. Adobe actually gives this patch a deployment priority of 2, but it’s not under active attack at the time of release.

The fix for Illustrator corrects seven bugs, including a few Critical-rated ones. The patch for Substance 3D Painter fixes nine different CVEs, all rated Important. That’s not the case for Substance 3D Stager, which fixes six different Critical bugs that could lead to arbitrary code execution. The patch for the Adobe DNG Software Development Kit (SDK) addresses one Critical and one Important bug. Finally, the update for Premiere Pro correct a single, Critical-rated bug that could lead to arbitrary code execution.

None of the bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release, and beyond the update for Commerce, all of the other updates released by Adobe this month are listed as deployment priority 3.

Microsoft Patches for March 2026

This month, Microsoft released 84 new CVEs in Windows and Windows components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, SQL Server, Hyper-V Server, and the Windows Resilient File System (ReFS). Counting the third-party and Chromium updates listed in the release, it brings to total number of CVEs to 94. Five of these bugs were reported through the TrendAI ZDI program. Eight of these bugs are rated Critical, and the rest are rated Important in severity.

This volume is relatively typical for a March release, and the lack of bugs under active attack is a nice change from last month. There are two vulnerabilities listed as publicly known at the time of release, but none listed as actively exploited.

Let’s take a closer look at some of the more interesting updates for this month, starting with a bug with an AI slant:

-    CVE-2026-26144 - Microsoft Excel Information Disclosure Vulnerability
This is a fascinating bug and an attack scenario we’re likely to see more often. The vulnerability is a simple cross-site scripting (XSS) bug in Excel, but an attacker could use it to cause the Copilot Agent to exfiltrate data off the target. This essentially makes it a zero-click information disclosure. Although not stated, the disclosure is likely at the level of the logged-on user, so there isn’t a privilege escalation component. Info disclosures rarely get rated Critical, but it makes sense here.

-    CVE-2026-26110/CVE-2026-26113 - Microsoft Office Remote Code Execution Vulnerability
Another month and another pair of Office bugs where the Preview Pane is an exploit vector. I’ve lost count of how many of these bugs have been patched over the last year, but it’s just a matter of time until they start appearing in active exploits. The latest versions of Outlook allow you to hide the Preview Pane, but it isn’t clear if this would mitigate these attacks. The best option is still to test and deploy the update, but considering how many of these patches exist, it’s likely further updates will be needed to fully address these issues.

-    CVE-2026-23669 - Windows Print Spooler Remote Code Execution Vulnerability
Just reading the title makes me twitch with remembrances of Print Nightmare from a few years ago. This bug works in the same manner as those exploits. An authenticated attacker sends specially crafted messages to an affected system to gain arbitrary code execution. No user interaction is required. Let’s hope we don’t end up in a new nightmare of spooler exploits. Test and deploy this one quickly.

-    CVE-2026-23668 - Windows Graphics Component Elevation of Privilege Vulnerability
This vulnerability was submitted to the ZDI program by Marcin Wiązowski as two separate bugs, and it demonstrates the need for variant investigations when creating security patches. Both cases are caused by the lack of proper locking when performing operations on an object. However, in one case, it’s in the cdd.dll driver while the other is in the win32kfull driver. Either way, an attacker could use these to elevate privileges to SYSTEM and execute arbitrary code. Since the fix for both is to add object locking to the GDI object, the cases are combined into a single CVE. That’s not a problem, but it does show how variants can occur, and fixes should be as broad as possible.

Here’s the full list of CVEs released by Microsoft for March 2026:

CVE	Title	Severity	CVSS	Public	Exploited	Type
CVE-2026-26127	.NET Denial of Service Vulnerability	Important	7.5	Yes	No	DoS
CVE-2026-21262	SQL Server Elevation of Privilege Vulnerability	Important	8.8	Yes	No	EoP
CVE-2026-23651	Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability	Critical	6.7	No	No	EoP
CVE-2026-26124	Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability	Critical	6.7	No	No	EoP
CVE-2026-26122	Microsoft ACI Confidential Containers Information Disclosure Vulnerability	Critical	6.5	No	No	Info
CVE-2026-21536	Microsoft Devices Pricing Program Remote Code Execution Vulnerability	Critical	9.8	No	No	RCE
CVE-2026-26144	Microsoft Excel Information Disclosure Vulnerability	Critical	7.5	No	No	Info
CVE-2026-26110	Microsoft Office Remote Code Execution Vulnerability	Critical	8.4	No	No	RCE
CVE-2026-26113	Microsoft Office Remote Code Execution Vulnerability	Critical	8.4	No	No	RCE
CVE-2026-26125	Payment Orchestrator Service Elevation of Privilege Vulnerability	Critical	8.6	No	No	EoP
CVE-2026-26131	.NET Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-25177	Active Directory Domain Services Elevation of Privilege Vulnerability	Important	8.8	No	No	EoP
CVE-2026-26117	Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26130	ASP.NET Core Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2026-23661	Azure IoT Explorer Information Disclosure Vulnerability	Important	7.5	No	No	Info
CVE-2026-23662	Azure IoT Explorer Information Disclosure Vulnerability	Important	7.5	No	No	Info
CVE-2026-23664	Azure IoT Explorer Information Disclosure Vulnerability	Important	7.5	No	No	Info
CVE-2026-26121	Azure IOT Explorer Spoofing Vulnerability	Important	7.5	No	No	Spoofing
CVE-2026-26118	Azure MCP Server Tools Elevation of Privilege Vulnerability	Important	8.8	No	No	EoP
CVE-2026-23667	Broadcast DVR Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-25190	GDI Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-25181	GDI+ Information Disclosure Vulnerability	Important	7.5	No	No	Info
CVE-2026-26030 *	GitHub: CVE-2026-26030 Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable	Important	9.9	No	No	RCE
CVE-2026-23654 *	GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-26141	Hybrid Worker Extension (Arc-enabled Windows VMs) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-23665 †	Linux Azure Diagnostic extension (LAD) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-23674	MapUrlToZone Security Feature Bypass Vulnerability	Important	7.5	No	No	SFB
CVE-2026-26123	Microsoft Authenticator Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-26148 †	Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability	Important	8.1	No	No	EoP
CVE-2026-25167	Microsoft Brokering File System Elevation of Privilege Vulnerability	Important	7.4	No	No	EoP
CVE-2026-26107	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-26108	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-26109	Microsoft Excel Remote Code Execution Vulnerability	Important	8.4	No	No	RCE
CVE-2026-26112	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-26134	Microsoft Office Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26106	Microsoft SharePoint Server Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-26114	Microsoft SharePoint Server Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-26105	Microsoft SharePoint Server Spoofing Vulnerability	Important	8.1	No	No	Spoofing
CVE-2026-24283	Multiple UNC Provider Kernel Driver Elevation of Privilege Vulnerability	Important	8.8	No	No	EoP
CVE-2026-25165	Performance Counters for Windows Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-24282	Push message Routing Service Elevation of Privilege Vulnerability	Important	5.5	No	No	Info
CVE-2026-26115	SQL Server Elevation of Privilege Vulnerability	Important	8.8	No	No	EoP
CVE-2026-26116	SQL Server Elevation of Privilege Vulnerability	Important	8.8	No	No	EoP
CVE-2026-20967	System Center Operations Manager (SCOM) Elevation of Privilege Vulnerability	Important	8.8	No	No	EoP
CVE-2026-24285	Win32k Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-24291	Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-25186	Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-23660 †	Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-24293	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-25176	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-25178	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-25179	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-23656	Windows App Installer Spoofing Vulnerability	Important	5.9	No	No	Spoofing
CVE-2026-25171	Windows Authentication Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-23671	Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-24292	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-24295	Windows Device Association Service Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-24296	Windows Device Association Service Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-25189	Windows DWM Core Library Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-25174	Windows Extensible File Allocation Table Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-25168	Windows Graphics Component Denial of Service Vulnerability	Important	6.2	No	No	DoS
CVE-2026-25169	Windows Graphics Component Denial of Service Vulnerability	Important	6.2	No	No	DoS
CVE-2026-23668	Windows Graphics Component Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-25180	Windows Graphics Component Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-25170	Windows Hyper-V Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-24297	Windows Kerberos Security Feature Bypass Vulnerability	Important	6.5	No	No	SFB
CVE-2026-24287	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-24289	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26132	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-24288	Windows Mobile Broadband Driver Remote Code Execution Vulnerability	Important	6.8	No	No	RCE
CVE-2026-25175	Windows NTFS Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-23669	Windows Print Spooler Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-24290	Windows Projected File System Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-23673	Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-25172	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-25173	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important	8	No	No	RCE
CVE-2026-26111	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-25185	Windows Shell Link Processing Spoofing Vulnerability	Important	5.3	No	No	Spoofing
CVE-2026-24294	Windows SMB Server Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-26128	Windows SMB Server Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-25166	Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-25188	Windows Telephony Service Elevation of Privilege Vulnerability	Important	8.8	No	No	EoP
CVE-2026-23672	Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-25187	Winlogon Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-3536 *	Chromium: CVE-2026-3536 Integer overflow in ANGLE	Critical	N/A	No	No	RCE
CVE-2026-3538 *	Chromium: CVE-2026-3538 Integer overflow in Skia	Critical	N/A	No	No	RCE
CVE-2026-3539 *	Chromium: CVE-2026-3539 Object lifecycle issue in DevTools	High	N/A	No	No	RCE
CVE-2026-3540 *	Chromium: CVE-2026-3540 Inappropriate implementation in WebAudio	High	N/A	No	No	RCE
CVE-2026-3541 *	Chromium: CVE-2026-3541 Inappropriate implementation in CSS	High	N/A	No	No	RCE
CVE-2026-3542 *	Chromium: CVE-2026-3542 Inappropriate implementation in WebAssembly	High	N/A	No	No	RCE
CVE-2026-3543 *	Chromium: CVE-2026-3543 Inappropriate implementation in V8	High	N/A	No	No	RCE
CVE-2026-3544 *	Chromium: CVE-2026-3544 Heap buffer overflow in WebCodecs	High	N/A	No	No	RCE
CVE-2026-3545 *	Chromium: CVE-2026-3545 Insufficient data validation in Navigation	High	N/A	No	No	RCE

* Indicates this CVE had been released by a third party and is now being included in Microsoft releases.

† Indicates further administrative actions are required to fully address the vulnerability.

 

Looking at the other Critical-rated bugs in this month’s release, they are all cloud-native and require no user action. Microsoft has already remediated the vulnerabilities.

Moving on to the other code execution bugs, the vulnerabilities in SharePoint Server pop out first. Both require authentication, but it’s essentially the lowest level of authentication, so these would be ideal cases for lateral movement within an enterprise. There are the standard open-and-own cases within Office components. There an interesting sounding bug in the Windows Mobile Broadband Driver that requires physical access, but Microsoft doesn’t elaborate on the attack scenario beyond that fact. The bug in the System Image Manager Assessment and Deployment Kit (ADK) requires authentication. The bug in GDI requires user interaction. The remaining code execution bugs are in the RRAS protocol. We’ve seen bugs in this component in the past, but never in the wild. I wouldn’t ignore these, but I wouldn’t rush them out either.

Similar to last month, updates for Elevation of Privilege (EoP) bugs make up nearly half of this month’s release. And as we saw last month, but most simply lead to local attackers executing their code at SYSTEM-level privileges or administrative privileges. The bugs in SQL Server allow attackers to elevate to SQL sysadmin privileges. The bug in the Azure MCP Server is more complex. It allows attackers to obtain the permissions associated with the MCP Server’s managed identity, which lets them perform actions that the managed identity is able to reach. The bug in the Azure AD SSH Login extension for Linux leads to root access, and it won’t be easy to patch. You’ll need to run the update instructions from the command line on each affected system. That’s the same case for the bug in the Linux Azure Diagnostic extension (LAD). There’s an odd bug in the Hybrid Worker Extension (Arc‑enabled Windows VMs) that leads to “ELEVATED” privileges, which is something I’ve never seen before. The bug in the Broadcast DVR component allows an attacker to go from low integrity level up to medium. There’s a bug listed as an EoP in the Push message Routing Service, but reading the description, Microsoft notes it could lead to an information disclosure. It’s likely this is an error and should be an Information Disclosure bug. The final EoP is in the Azure Portal Windows Admin Center and leads to SYSTEM. However, there’s no patch to remediate this bug. Instead, you need to install the latest version of the Windows Admin Center extension through the Azure Portal by hand.

There are two security feature bypass patches in the March release. The first is a bypass of the MapURLToZone method, which (as expected) allows attackers to bypass MapURLToZone protections. The third bypass is in Kerberos and could allow an attacker to either view some sensitive information or make changes to “disclosed” information. This is a race condition that occurs while the group policy is being reapplied, so the window to exploit this would be extremely small.

Looking at the remaining info disclosure bugs getting patched this month, only two result in info leaks consisting of unspecified memory contents or memory addresses. Ther others provide more interesting results. There are three bugs in the Azure IoT Explorer have some wide-ranging implications. According to Microsoft, exploitation could result in, “device connection information, authentication tokens, request data, file paths, and other information transmitted between the application and the IoT Hub.” The bug in Authenticator almost reads like a security feature bypass, as exploit results in the disclosure of a one‑time sign‑in code or authentication deep link. The attacker would receive the sign‑in information and could potentially use it to authenticate as the user, allowing access to information or services available to that account. The last info disclosure bug is in the Accessibility Infrastructure and allows an attacker to gain secrets or privileged information belonging to the user of the affected application.

There are only four spoofing bugs in the March release. The first is in SharePoint server and manifests as an XSS. The second bug is a Server-Side Request Forgery (SSRF) in the Azure IoT Explorer. The remaining two are a bit more cryptic. The bug in Windows Shell Link Processing results from the “exposure of sensitive information to an unauthorized actor,” and could lead to spoofing. That sounds like credential exposure, but it’s not explicitly called out. The final spoofing bug results from the insufficient verification of data authenticity in Windows App Installer. Again, this sounds vaguely like credential reflection, but without further information, we can only speculate.

Finally, there are four denial-of-service (DoS) bugs in the release, including one that’s listed as publicly known in the .NET Framework. As usual, Microsoft provides no actionable information about these bugs.

No new advisories are being released this month.

Looking Ahead

I plan on being at RSA for the first time in my career, so if you’re around, please stop by and say hello. I like it when people say hello. Otherwise, I’ll be back on April 14 with my assessment of that patch Tuesday release. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!

I have survived the biggest Pwn2Own ever, but I’m back in Tokyo for the second Patch Tuesday of 2026. My location never stops Patch Tuesday from coming, so let’s take a look at the latest security patches from Adobe and Microsoft. If you’d rather watch the full video recap covering the entire release, you can check it out here:

Adobe Patches for February 2026

For February, Adobe released nine bulletins addressing 44 unique CVEs in Adobe Audition, After Effects, InDesign, Substance 3D Designer, Substance 3D Stager, Adobe Bridge, Substance 3D Modeler, Lightroom Classic, and the Adobe DNG Software Development Kit (SDK). The largest update here is for After Effects, which fixes 13 Critical and two Important rated bugs. The patch for Substance 3D Designer is on the larger side with seven fixes, but only two of those are Critical. On the other hand, the fix for Substance 3D Stager corrects five Critical-rated bugs that could lead to code execution. The Audition patch fixes six bugs, but only one is Critical.

The other patches are smaller in size. The fix for the Adobe DNG Software Development Kit (SDK) corrects two Critical and two Important-rated bugs. The InDesign patch fixes three bugs, but only one is Critical. The update for Adobe Bridge fixes two Critical bug that could lead to code execution. The patch for Lightroom Classic addresses a single Critical bug, and the release is wrapped up with a patch for Substance 3D Modeler that fixes a single, Important-rated memory link.

None of the bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release, and all of the updates released by Adobe this month are listed as deployment priority 3.

Microsoft Patches for February 2026

This month, Microsoft drops 58 new CVEs in Windows and Windows components, Office and Office Components, Azure, Microsoft Edge (Chromium-based), .NET and Visual Studio, GitHub Copilot, Mailslot FS, Exchange Server, Internet Explorer (!), Power BI, Hyper-V Server, and the Windows Subsystem for Linux. Counting the third-party and Chromium updates listed in the release, it brings the total number of CVEs to 62. One of the bugs in the Windows Graphics component was submitted through the ZDI program. Five of these bugs are rated Critical, two are rated Moderate, and the rest are rated Important in severity.

It’s typical to see this number of CVEs released in February, but the number of bugs under active attack is extraordinarily high. Microsoft lists six bugs being exploited at the time of release, with three of these listed as publicly known. Last month only had a single bug being exploited, although there were twice as many CVEs patched. We’ll see if we’re on our way to another “hot exploit summer” as we saw a few years ago or if this is just an aberration.

Let’s take a closer look at some of the more interesting updates for this month, starting with the bugs under active attack:

-    CVE-2026-21510 - Windows Shell Security Feature Bypass Vulnerability
This bug is listed as a security feature bypass, but it could also be classified as code execution. An attacker can bypass Windows SmartScreen and Windows Shell security prompts to execute code on a target system. This bug is also listed as publicly known, but Microsoft doesn’t say where. There is user interaction here, as the client needs to click a link or a shortcut file. Still, a one-click bug to gain code execution is a rarity. Definitely test and deploy this fix quickly.

-    CVE-2026-21514 - Microsoft Word Security Feature Bypass Vulnerability
This bug also requires user interaction in the form of opening a Word document, but that’s all that’s required to bypass protections to dangerous COM/OLE controls. Thankfully, the Preview Pane is not an attack vector here. However, users are well known to open lots of documents they receive in e-mail. This bypass could also result in code execution if the right COM/OLE control is hit. This is also listed as publicly known, so add this to the list to test and deploy quickly.

-    CVE-2026-21519 - Desktop Window Manager Elevation of Privilege Vulnerability
This is the second month in a row that a DWM was listed as being exploited in the wild. That leads me to believe the first patch didn’t completely resolve the vulnerability. Same as last month, this bug allows attackers to run code with SYSTEM privileges. Bugs of this type are typically paired with a code execution bug to take over a system. As always, Microsoft offers no indication of how widespread these exploits may be.

-    CVE-2026-21533 - Windows Remote Desktop Services Elevation of Privilege Vulnerability
Don’t let the word “Remote” in the title fool you – this is a local bug that allows attackers to run code with SYSTEM privileges. It’s interesting that Microsoft lists “Improper privilege management” as the root cause for this issue. If the system is running Remote Desktop Services, it’s probably a juicy target for attackers to move laterally after an initial breach. Add this one to the list of patches to test and deploy immediately.

-    CVE-2026-21513 - Internet Explorer Security Feature Bypass Vulnerability
Although long gone by many measurements, IE does still exist on Windows systems, and calling it always results in a vulnerability somehow. This bug manifests similarly to the Shell bug above, as it requires user interaction but could result in code execution. The bypass here is simply the ability to reach IE, which shouldn’t be possible. Again, test and deploy this fix quickly.

-    CVE-2026-21525 - Windows Remote Access Connection Manager Denial of Service Vulnerability
It’s unusual to see DoS bugs being used in active attacks, but that’s what we have here. A null pointer deref in the Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally. Most null pointer derefs cause the application or service to crash, but it’s not clear if it will automatically restart. I would exercise caution and patch quickly either way.

Here’s the full list of CVEs released by Microsoft for February 2026:

CVE	Title	Severity	CVSS	Public	Exploited	TYPE
CVE-2026-21514	Microsoft Word Security Feature Bypass Vulnerability	Important	7.8	Yes	Yes	SFB
CVE-2026-21510	Windows Shell Security Feature Bypass Vulnerability	Important	8.8	Yes	Yes	SFB
CVE-2026-21513	Internet Explorer Security Feature Bypass Vulnerability	Important	8.8	Yes	Yes	SFB
CVE-2026-21519	Desktop Window Manager Elevation of Privilege Vulnerability	Important	7.8	No	Yes	EoP
CVE-2026-21533	Windows Remote Desktop Services Elevation of Privilege Vulnerability	Important	7.8	No	Yes	EoP
CVE-2026-21525	Windows Remote Access Connection Manager Denial of Service Vulnerability	Moderate	6.2	No	Yes	DoS
CVE-2026-21511	Microsoft Outlook Spoofing Vulnerability	Important	7.5	No	No	Spoofing
CVE-2023-2804 *	Red Hat, Inc. CVE-2023-2804: Heap Based Overflow libjpeg-turbo	Important	6.5	Yes	No	RCE
CVE-2026-24302	Azure Arc Elevation of Privilege Vulnerability	Critical	8.6	No	No	EoP
CVE-2026-24300	Azure Front Door Elevation of Privilege Vulnerability	Critical	9.8	No	No	EoP
CVE-2026-21532	Azure Function Information Disclosure Vulnerability	Critical	8.2	No	No	Info
CVE-2026-21522	Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability	Critical	6.7	No	No	EoP
CVE-2026-23655	Microsoft ACI Confidential Containers Information Disclosure Vulnerability	Critical	6.5	No	No	Info
CVE-2026-21218	.NET and Visual Studio Spoofing Vulnerability	Important	7.5	No	No	Spoofing
CVE-2026-21512	Azure DevOps Server Cross-Site Scripting Vulnerability	Important	6.5	No	No	XSS
CVE-2026-21529 †	Azure HDInsight Spoofing Vulnerability	Important	5.7	No	No	Spoofing
CVE-2026-21528	Azure IoT Explorer Information Disclosure Vulnerability	Important	6.5	No	No	Info
CVE-2026-21228	Azure Local Remote Code Execution Vulnerability	Important	8.1	No	No	RCE
CVE-2026-21531	Azure SDK for Python Remote Code Execution Vulnerability	Important	9.8	No	No	RCE
CVE-2026-21251	Cluster Client Failover (CCF) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20846	GDI+ Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2026-21523	GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability	Important	8	No	No	RCE
CVE-2026-21518	GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability	Important	6.5	No	No	SFB
CVE-2026-21257	GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability	Important	8	No	No	EoP
CVE-2026-21256	GitHub Copilot and Visual Studio Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-21516	GitHub Copilot for Jetbrains Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-21253	Mailslot File System Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-21537 †	Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-21259	Microsoft Excel Elevation of Privilege Vulnerability	Important	7.3	No	No	EoP
CVE-2026-21258	Microsoft Excel Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-21261	Microsoft Excel Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-21527	Microsoft Exchange Server Spoofing Vulnerability	Important	6.5	No	No	Spoofing
CVE-2026-21260	Microsoft Outlook Spoofing Vulnerability	Important	7.5	No	No	Spoofing
CVE-2026-21229	Power BI Remote Code Execution Vulnerability	Important	8	No	No	RCE
CVE-2026-21236	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21238	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21241	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-21517	Windows App for Mac Installer Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-21234	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-21235	Windows Graphics Component Elevation of Privilege Vulnerability	Important	7.3	No	No	EoP
CVE-2026-21246	Windows Graphics Component Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21232	Windows HTTP.sys Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21240	Windows HTTP.sys Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21250	Windows HTTP.sys Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21244	Windows Hyper-V Remote Code Execution Vulnerability	Important	7.3	No	No	RCE
CVE-2026-21247	Windows Hyper-V Remote Code Execution Vulnerability	Important	7.3	No	No	RCE
CVE-2026-21248	Windows Hyper-V Remote Code Execution Vulnerability	Important	7.3	No	No	RCE
CVE-2026-21255	Windows Hyper-V Security Feature Bypass Vulnerability	Important	8.8	No	No	SFB
CVE-2026-21231	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21239	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21245	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21222	Windows Kernel Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-21243	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2026-20841	Windows Notepad App Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-21249	Windows NTLM Spoofing Vulnerability	Important	3.3	No	No	Spoofing
CVE-2026-21508	Windows Storage Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-21237	Windows Subsystem for Linux Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-21242	Windows Subsystem for Linux Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-1861 *	Chromium: CVE-2026-1861 Heap buffer overflow in libvpx	High	N/A	No	No	RCE
CVE-2026-1862 *	Chromium: CVE-2026-1862 Type Confusion in V8	High	N/A	No	No	RCE
CVE-2026-0391	Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability	Moderate	6.5	No	No	Spoofing

* Indicates this CVE had been released by a third party and is now being included in Microsoft releases.

† Indicates further administrative actions are required to fully address the vulnerability.

 

Moving on to the Critical-rated bugs, the patch for Azure Front Door sounds frightening, but Microsoft has already fixed the bug and is just now documenting it. That’s also true for the bugs in Azure Arc and Azure Function. There are two Critical-rated bugs in the ACI Confidential Containers. The first allows a container escape while the second discloses secret tokens and keys. Either way, you’ll want to handle those quickly.

Taking a look at the other code execution vulnerabilities in this month’s release, we start with a frightening looking bug in Azure SDK for Python that has the highest CVSS this month of 9.8. A remote, unauthenticated attacker code gain code execution on an affected system via a maliciously crafted continuation token. It’s not clear why this isn’t rated Critical, but I would treat it as such. The three bugs in Hyper-V are actually local open-and-own bugs that require a user to open a malicious file on an affected system. That’s also true for the bug in Notepad. The bug in Power BI is confusing, because Microsoft says it requires authentication and could lead to an attacker running code as an authenticated user. There’s the poorly named “Azure Local Remote Code Execution Vulnerability”, but it requires a machine-in-the-middle (MitM) to exploit. The bug in Defender for Endpoint Linux is restricted to local subnets, but you’ll need to enable auto provisioning to get the patch. The final code execution bugs addressed this month are in GitHub Copilot. Two are command injections and the other is a Time-of-check time-of-use (toctou) race condition, but both could end up in code execution on affected systems.

Patches for Elevation of Privilege (EoP) bugs make up nearly 50% of this release, but most simply lead to local attackers executing their code at SYSTEM-level privileges or administrative privileges. There are only two of note. The first is a command injection bug in GitHub Copilot that leads to executing code at the level of the targeted application. The second is a bug in a kernel that leads to SYSTEM but could also be used for a sandbox escape.

There’s a unusually high number of spoofing bugs in this month’s release, and the ones for Outlook are the most troubling. First, the Preview Pane is an attack vector. Secondly, the bugs could be used to relay NTLM credentials via just an email, which could result in credential disclosure. And you’ll need multiple patches to fully address these bugs. At least they can be applied in any order.  There’s a UI misrepresentation bug in Exchange Server that could allow an attacker to either view some sensitive information or “make changes to disclosed information”. At what point does data become disclosed? That odd phrasing makes me think they are using AI to right some of their descriptions. The phrasing also appears in the patch for NTLM. That bug is triggered by opening a specially crafted Office doc, and while they explicitly say it could be used to relay NTLM creds, it sure seems that way. The patch for .NET and Visual Studio fixes a bug that allows attackers to bypass header validation, resulting in the service accepting a message it should reject. Finally, the bug in Azure HDInsight is really just a cross-site scripting (XSS) bug. The caveat here is that you need to restart Ambari server in both of the head nodes to have this fix updated. There is also an XSS in Azure Devops Server, but at least it is labelled as such.

There are a couple of additional security feature bypass bugs to discuss. The first is in Hyper-V and bypasses the Virtualization-based Security feature. The other is in GitHub Copilot and Visual Studio Code. It’s another command injection, but this one can be used to bypass authentication. Neat.

Looking at the remaining info disclosure bugs getting patched this month, most simply result in info leaks consisting of unspecified memory contents or memory addresses. The exception is the bug in Azure IoT Explorer. This bug could be used to view the contents of the target user’s local file system.

We end this month’s release with two DoS bugs: one in LDAP and one in GDI+. Neither descriptions from Microsoft provide any usable information.

No new advisories are being released this month.

Looking Ahead

I plan on being back home for the March release but wherever I’m at, you can rest assured that March 10, I’ll be here to provide my assessment of the release. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!

The last day of Pwn2Own Automotive 2026 saw the world’s top security researchers take their final shots at the latest automotive systems. Over three days of intense competition, $1,047,000 USD was awarded for 76 unique 0-day vulnerabilities, with bold exploits, clever techniques, and collisions keeping the action thrilling throughout.

By the end, Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io claimed the title of Master of Pwn, earning 28 points and $215,500 USD.

Follow the final updates on Twitter, Mastodon, LinkedIn, and Bluesky, and join the conversation using #Pwn2OwnAutomotive and #P2OAuto.

SUCCESS / COLLISON - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeted the Alpine iLX-F511, demonstrating one vulnerability previously used by another contestant, earning $2,500 USD and 1 Master of Pwn point. #Pwn2Own #P2OAuto

SUCCESS / COLLISON - Slow Horses of Qrious Secure (@qriousec) targeted the Grizzl-E Smart 40A but encountered two bug collisions, still earning $5,000 USD and 2 Master of Pwn points.

SUCCESS / COLLISON - Team MST targeted the Kenwood DNR1007XR, demonstrating one bug but running into a collision, earning $2,500 USD and 1 Master of Pwn point.

SUCCESS - PetoWorks (@petoworks) targeted the Grizzl-E Smart 40A, exploiting one buffer overflow bug, and earned $10,000 USD and 4 Master of Pwn points.

SUCCESS - Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeted the Alpine iLX‑F511, exploiting a stack‑based buffer overflow to earn $5,000 USD and 2 Master of Pwn points.

SUCCESS - Viettel Cyber Security (@vcslab) targeted the Sony XAV‑9500ES, exploiting a heap‑based buffer overflow to achieve arbitrary code execution, earning $10,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto

SUCCESS / COLLISON - Qrious Secure (@qriousec) targeted the Kenwood system, demonstrating three bugs - one n-day and two unique vulnerabilities (incorrect permission assignment and a race condition), earning $4,000 USD and 1.75 Master of Pwn points.

SUCCESS - Boom! or shall we say Doom? Game On! Aapo Oksman, Elias Ikkelä-Koski and Mikael Kantola of Juurin Oy exploit the Alpitronic HYC50 with a TOCTOU bug - and installed a playable version of Doom to boot. They earn $20,000 and 4 Master of Pwn points. #Pwn2Own #P2OAuto

SUCCESS / COLLISON - Nguyen Thanh Dat (@rewhiles) of Viettel Cyber Security (@vcslab) targeted the Kenwood DNR1007XR, demonstrating one bug but encountering a collision, earning $2,500 USD and 1 Master of Pwn point.

SUCCESS / COLLISON - Autocrypt (Hoyong Jin, Jaewoo Jeong, Chanhyeok Jung, Minsoo Son, and Kisang Choi) targeted the Alpine iLX-F511, demonstrating two vulnerabilities to gain root access. One collided with a previously known issue, earning $3,000 USD and 1.25 Master of Pwn points.

SUCCESS - Elias Ikkelä-Koski and Aapo Oksman of Juurin Oy targeted the Kenwood DNR1007XR, demonstrating a link-following vulnerability to earn $5,000 USD and 2 Master of Pwn points.

SUCCESS - Nam Ha Bach and Vu Tien Hoa of the FPT NightWolf Team targeted the Alpine iLX-F511, exploiting one unique vulnerability to gain root access and earning $5,000 USD and 2 Master of Pwn points.

SUCCESS / COLLISON - Ryo Kato (@Pwn4S0n1c) targeted the Autel MaxiCharger AC Elite Home 40A, demonstrating a three-bug chain but encountering one collision, still earning $16,750 USD and 3.5 Master of Pwn points.

Day Two of Pwn2Own Automotive 2026 was packed with action, and the stakes continued to rise. Security researchers returned to the Pwn2Own stage, probing and challenging the latest automotive systems as the competition intensified. New exploits, unexpected twists, and standout performances emerged throughout the day - follow along here for daily updates as the race for Master of Pwn heats up. 

Following an action-packed Day One, where $516,500 USD was awarded for 37 unique 0-day vulnerabilities, Day Two added another $439,250 USD and 29 unique 0-days, bringing the event totals to $955,750 USD with 66 unique vulnerabilities overall. Fuzzware.io holds a commanding lead for Master of Pwn, but with one day to go, anything can still happen. We’ll see what the final day of the contest brings. 

Stay up to date throughout Day Two by following us on Twitter, Mastodon, LinkedIn, and Bluesky, and join the conversation using #Pwn2Own Automotive and #P2OAuto. 

SUCCESS - Inhyung Lee, Seokhun Lee, Chulhan Park, Wooseok Kim, and Yeonseok Jang of Team MAMMOTH exploited a command injection vulnerability against the Alpine iLX-F511, earning $10,000 USD and 2 Master of Pwn points.

FAILURE - Autocrypt - Hoyong Jin, Jaewoo Jeong, Chanhyeok Jung, Minsoo Son, and Kisang Choi - targeted the Grizzl‑E Smart 40A with the Charging Connector Protocol/Signal Manipulation add‑on but were unable to demonstrate the vulnerability within the allotted time.

SUCCESS - Julien COHEN‑SCALI of FuzzingLabs (@FuzzingLabs) targeted the Phoenix Contact CHARX SEC‑3150, chaining two vulnerabilities - an authentication bypass and privilege escalation - to earn $20,000 USD and 4 Master of Pwn points.

SUCCESS - Neodyme AG (@Neodyme) exploited a buffer overflow vulnerability (CWE‑120) in Round 3 to achieve privileged code execution on the Sony XAV‑9500ES, earning $10,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto

SUCCESS - Hank Chen (@hank0438) of InnoEdge Labs exploited an exposed dangerous method against the Alpitronic HYC50 – Lab Mode, earning $40,000 USD and 4 Master of Pwn points.

SUCCESS / COLLISON - Nguyen Thanh Dat (@rewhiles) of Viettel Cyber Security (@vcslab) targeted the Alpine iLX-F511, hitting a one-vulnerability collision with a previous attempt and earning $2,500 USD and 1 Master of Pwn point.

SUCCESS / COLLISON - BoredPentester (@BoredPentester) targeted the Grizzl‑E Smart 40A with the Charging Connector Protocol/Signal Manipulation add‑on, combining two bugs to earn $20,000 USD and 3 Master of Pwn points. #Pwn2Own #P2OAuto

SUCCESS / COLLISON - Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeted the Kenwood DNR1007XR, exploiting an n‑day command injection to earn $4,000 USD and 1 Master of Pwn point.

SUCCESS - Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) targeted the Kenwood DNR1007XR in Round 6, exploiting a command injection vulnerability to earn $5,000 USD and 2 Master of Pwn points.

SUCCESS / COLLISON - Kazuki Furukawa (@N4NU) of GMO Cybersecurity by Ierae targeted the Alpine iLX-F511, hitting a one-vulnerability collision with a previous attempt and earning $2,500 USD and 1 Master of Pwn point. #Pwn2Own #P2OAuto

SUCCESS / COLLISON - Donggeon Kim (@gbdngb12), Hoon Nam (@pwnstar96), Jaeho Jeong (@jeongZero), Sangsoo Jeong (@sangs00Jeong), and Wonyoung Jung (@nonetype_pwn) of 78ResearchLab targeted the Kenwood DNR1007XR, exploiting one n-day vulnerability along with two collisions to earn $2,500 USD and 1 Master of Pwn point.

SUCCESS - Xilokar (xilokar@mamot.fr) targeted the Alpitronic HYC50 – Lab Mode, exploiting one bug to earn $20,000 USD and 4 Master of Pwn points.

SUCCESS / COLLISON - Hyeongseok Lee (@fluorite_pwn), Yunje Shin (@YunjeShin), Chaeeul Hyun (@yskm_Gunter), Ingyu Yang (@Mafty5275), Hoseok Kang (@cl4y419), Seungyeon Park (@vvsy46), and Wonjun Choi (@won6_choi) of BoB::Takedown targeted the Grizzl-E Smart 40A, hitting one collision and one unique 0-day, earning $15,000 USD and 3 Master of Pwn points.

SUCCESS - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeted the Phoenix Contact CHARX SEC-3150 in Round 5, exploiting three bugs with two add-ons to earn $50,000 USD and 7 Master of Pwn points.

SUCCESS / COLLISON - Slow Horses of Qrious Secure (@qriousec) targeted the Alpine iLX-F511, resulting in a single vulnerability collision with a previous attempt, earning $2,500 USD and 1 Master of Pwn point.

FAILURE - Autocrypt (Hoyong Jin, Jaewoo Jeong, Chanhyeok Jung, Minsoo Son, and Kisang Choi) targeted the Autel MaxiCharger AC Elite Home 40A with the Charging Connector Protocol/Signal Manipulation add-on, but ran out of attempts before the exploit could be demonstrated.

SUCCESS - BoredPentester (@BoredPentester) targeted the Kenwood DNR1007XR, demonstrating a command injection vulnerability to earn $5,000 USD and 2 Master of Pwn points.

SUCCESS - Rob Blakely of Technical Debt Collectors targeted Automotive Grade Linux, chaining three bugs - an out-of-bounds read, memory exhaustion, and a heap overflow - to earn $40,000 USD and 4 Master of Pwnpoints. #Pwn2Own #P2OAuto

SUCCESS / COLLISON - PHP Hooligans / Midnight Blue (@midnightbluelab) targeted the Autel MaxiCharger AC Elite Home 40A with the Charging Connector Protocol/Signal Manipulation add-on, hitting a full collision on a two-bug chain, earning $20,000 USD and 3 Master of Pwn points. #Pwn2Own #P2OAuto

SUCCESS - Synacktiv (@synacktiv) targeted the Autel MaxiCharger AC Elite Home 40A with the Charging Connector Protocol/Signal Manipulation add‑on. In Round 2, they exploited one stack‑based buffer overflow, earning $30,000 USD and 5 Master of Pwn points.

SUCCESS - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeted the ChargePoint Home Flex (CPH50-K) with the Charging Connector Protocol/Signal Manipulation add-on, exploiting one command injection bug to earn $30,000 USD and 5 Master of Pwn points. #Pwn2Own #P2OAuto

FAILURE - PetoWorks (@petoworks) targeted the Alpine iLX-F511 but was unable to demonstrate their exploit within the allotted time.

SUCCESS - Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) targeted the ChargePoint Home Flex (CPH50-K) with the Charging Connector Protocol/Signal Manipulation add-on, exploiting two bugs to earn $30,000 USD and 5 Master of Pwn points.

SUCCESS / COLLISON - PetoWorks (@petoworks) targeted the Kenwood DNR1007XR, hitting one bug collision earning $2,500 USD and 1 Master of Pwn point.

SUCCESS / COLLISON - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeted the Grizzl-E Smart 40A with the Charging Connector Protocol/Signal Manipulation add-on, resulting in two bug collisions and earning $15,000 USD and 3 Master of Pwn points.

SUCCESS / COLLISON - Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeted the Phoenix Contact CHARX SEC-3150 with the Charging Connector Protocol/Signal Manipulation add-on, demonstrating six bugs but encountering a collision, still earning $19,250 USD and 4.75 Master of Pwn points.

SUCCESS - Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) targeted the Alpine iLX-F511, exploiting two unique vulnerabilities to gain root access, earning $5,000 USD and 2 Master of Pwn points.

SUCCESS / COLLISON - Evan Grant (@stargravy) targeted the Grizzl-E Smart 40A with the Charging Connector Protocol/Signal Manipulation add-on, hitting two bug collisions, still earning $15,000 USD and 3 Master of Pwn points.

SUCCESS / COLLISON - Hyeonjun Lee (@gul9ul), Younghun Kwon (@d0kk2bi), Hyeokjong Yun (@dig06161), Dohwan Kim (@neko__hat), Hanryeol Park (@hanR0724), Hyojin Lee (@meixploit), Jinyeong Yoon, and Youngmin Cho (@ZIEN0621) of ZIEN, Inc. targeted the ChargePoint Home Flex (CPH50-K), demonstrating two unique bugs (symlink following and command injection) but encountered a collision with a previous attempt - still earning $16,750 USD and 3.5 Master of Pwn points.

SUCCESS / COLLISON - Hyeongseok Lee (@fluorite_pwn), Yunje Shin (@YunjeShin), Chaeeul Hyun (@yskm_Gunter), Ingyu Yang (@Mafty5275), Hoseok Kang (@cl4y419), Seungyeon Park (@vvsy46), and Wonjun Choi (@won6_choi) of BoB::Takedown targeted the Phoenix Contact CHARX SEC-3150, demonstrating three bugs, but ran into two collisions, earning $6,750 USD and 2.75 Master of Pwn points.

Welcome to Day One of Pwn2Own Automotive 2026! Today, 30 entries took the Pwn2Own stage to target the latest automotive systems, as the world’s top security researchers push technology to its limits. Exploits, surprises, and breakthrough discoveries are unfolding.

After Day One, we awarded $516,500 for 37 unique 0-days! Fuzzware.io is currently in the lead for Master of Pwn, but Team DDOS is right on their heels. Stay tuned tomorrow for more results and surprises.

Stay up to date by following us on Twitter, Mastodon, LinkedIn, and Bluesky, and join the conversation using #Pwn2Own Automotive and #P2OAuto for continuous coverage. 

FAILURE - Unfortunately, Team Hacking Group targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category could not get their exploit working within the time allotted.

SUCCESS - Neodyme AG (@Neodyme) used a stack based buffer overflow to get a root shell on the Alpine iLX-F511, earning $20,000 USD and 2 Master of Pwn points.

SUCCESS - Fuzzware.io ( @ScepticCtf, @diff_fusion, @SeTcbPrivilege) chained two vulnerabilities (CWE-306, CWE-347) to achieve code execution on the Autel charger and manipulate the charging signal, earning $50,000 USD and 5 Master of Pwn points. Full win with the add-on.

SUCCESS - Taejin Kim (@tae3pwn), Junsu Yeo (@junactually), Sunmin Park (@sunminpark4503), Sungmin Son (@_ssm98), and Hoseok Lee of SKShieldus (@EQSTLab) of 299 exploited a hardcoded credential (CWE-798) to achieve code execution via CWE-494 on the Grizzl-E Smart 40A, earning $40,000 USD and 4 Master of Pwn points.

SUCCESS - Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS exploited two bugs, including a command injection, against the ChargePoint Home Flex. Add-on failed, but still earned $40,000 USD and 4 Master of Pwn points.

SUCCESS - Cyrill Bannwart, Emanuele Barbeno, Yves Bieri, Lukasz D., and Urs Mueller of Compass Security (@compasssecurity) exploited one exposed dangerous method/function bug on the Alpine iLX-F511, winning Round 2 for $10,000 USD and 2 Master of Pwn points.

SUCCESS - PetoWorks (@petoworks) chained three bugs - including Denial of Service (DoS), a race condition, and command injection - against the Phoenix Contact CHARX SEC-3150, winning Round 1 for $50,000 USD and 5 Master of Pwn points with the signal manipulation add-on.

SUCCESS - Synacktiv (@synacktiv) chained three vulnerabilities to gain root-level code execution on the Sony XAV-9500ES, earning a full win of $20,000 USD and 2 Master of Pwn points.

SUCCESS - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io exploited an n-day command injection against Kenwood, earning $8,000 USD and 1 Master of Pwn point.

SUCCESS - Yannik Marchand (@kinnay) exploited a single out-of-bounds write to achieve a full win against the Kenwood DNR1007XR, earning $20,000 USD and 2 Master of Pwn points.

FAILURE - Hyunseok Yun, Heaeun Moon, and Eungyo Seo of CIS targeted the Alpine iLX-F511 but were unable to complete their exploit within the allotted time.

SUCCESS / COLLISON - Cyrill Bannwart, Emanuele Barbeno, Yves Bieri, Lukasz D., and Urs Mueller of Compass Security (@compasssecurity) earned $25,000 USD and 4 Master of Pwn points with the Charging Connector Protocol/Signal Manipulation add‑on against the Grizzl‑E Smart 40A, chaining an authentication bypass (CWE‑306) to remote code execution via CWE‑494.

FAILURE - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeted the EMPORIA Pro Charger Level 2 with the Charging Connector Protocol/Signal Manipulation add‑on but were unable to complete their exploit within the allotted time.

SUCCESS / COLLISON - Kazuki Furukawa (@N4NU) of GMO Cybersecurity chained three bugs against Kenwood - including an n‑day hard‑coded credential, incorrect permissions on a critical resource, and command injection - to earn $8,000 USD and 1.75 Master of Pwn points.

SUCCESS / COLLISON - Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeted the Autel MaxiCharger AC Elite Home 40A with the Charging Connector Protocol/Signal Manipulation add-on. Due to a full collision with a previous attempt, they earned $10,000 USD and 2 Master of Pwn points.

SUCCESS / COLLISON - Chumy Tsai (@rm_rf_chumy), Jimmy Liu (@DrmnSamoLiu), and Jim Chen (@asef18766) of Cycraft Technology (@cycraft_corp) targeted the Grizzl-E Smart 40A. Due to a 2-bug collision, they earned $10,000 USD and 2 Master of Pwn points.

SUCCESS - Mia Miku Deutsch (@newbe3e) exploited a stack-based buffer overflow against the Alpine iLX‑F511, earning $10,000 USD and 2 Master of Pwn points.

SUCCESS - Synacktiv (@synacktiv) chained two vulnerabilities - an information leak and an out‑of‑bounds write - to achieve a full win in the Tesla Infotainment USB‑based Attack category, earning $35,000 USD and 3.5 Master of Pwn points.

SUCCESS / COLLISON - Donggeon Kim (@gbdngb12), Hoon Nam (@pwnstar96), Jaeho Jeong (@jeongZero), Sangsoo Jeong (@sangs00Jeong), and Wonyoung Jung (@nonetype_pwn) of 78ResearchLab hit a one‑vulnerability collision against the Alpine iLX‑F511, earning $5,000 USD and 1 Master of Pwn point.

SUCCESS - Giuseppe Calì (_gcali) and 8cf53a459714977f6bb11ee2d90416bf1675fa0e2451d80cf55a06d0b6ac2 of Team Zeroshi exploited five bugs against the Phoenix Contact CHARX SEC-3150, securing a Round 2 win for $20,000 USD and 4 Master of Pwn points.

SUCCESS / COLLISON - Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS hit a collision against the Grizzl-E Smart 40A with the Charging Connector Protocol/Signal Manipulation add-on, combining three duplicate bugs and one new bug to earn $22,500 USD and 3.5 Master of Pwn points.

FAILURE - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeted Sony XAV-9500ES but were unable to get their exploit working within the allotted time.

FAILURE - Viettel Cyber Security (@vcslab) targeted the ChargePoint Home Flex (CPH50-K) but were unable to get their exploit working within the allotted time.

SUCCESS - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io achieved a full win against the Alpitronic HYC50 - Field Mode, exploiting a single out-of-bounds write to earn $60,000 USD and 6 Master of Pwn points.

SUCCESS - Dong hee Kim (@heehee_0219_) and Jong geon Kim (@kimjor22) of Team K exploited two vulnerabilities - an out-of-bounds read and a stack-based buffer overflow - against the Alpine iLX-F511, earning $10,000 USD and 2 Master of Pwn points.

SUCCESS - Interrupt Labs (@InterruptLabs) scored a Round 3 win against the Kenwood DNR1007XR, exploiting a unique heap-based buffer overflow to earn $10,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto

FAILURE - Jonathan Conrad (@jwconrad.bsky.social) targeted the Grizzl-E Smart 40A but was unable to reproduce the vulnerability within the allotted time.

SUCCESS / COLLISON - TienPP of FPT NightWolf hit a collision against the Kenwood DNR1007XR, chaining three bugs - including an n‑day hard‑coded credential and two 0‑days (incorrect default permissions and symlink following) - to earn $8,000 USD and 1.75 Master of Pwn points.

SUCCESS - @ExLuck99 and @gr4ss341 of ANHTUD chained two vulnerabilities (CWE‑125 and CWE‑122) to achieve code execution on the Sony XAV‑9500ES, earning $10,000 USD and 2 Master of Pwn points in Round 2.

SUCCESS / COLLISON - Donggeon Kim (@gbdngb12), Hoon Nam (@pwnstar96), Jaeho Jeong (@jeongZero), Sangsoo Jeong (@sangs00Jeong), and Wonyoung Jung (@nonetype_pwn) of 78ResearchLab targeted the Phoenix Contact CHARX SEC‑3150, chaining four bugs (two unique and two collisions) to earn $15,000 USD and 3 Master of Pwn points.

おかえりなさい (Welcome back!) The third annual Pwn2Own Automotive competition has returned to Automotive World in Tokyo, and the excitement is building. This year marks a major milestone for Pwn2Own, with a record 73 entries. We’ve brought together some of the world’s most talented security researchers to take on the latest automotive components, pushing them to their limits in a real-world testing environment.

Earlier today, we held the random drawing to determine the order of attempts, setting the stage for an exciting lineup of demonstrations and discoveries. Below is the official schedule based on that draw. All times are listed in Tokyo local time and may change as the competition progresses - updates will be posted as the event unfolds.

In case you missed it, you can watch the draw here.

Jump to:    Day One           Day Two           Day Three

Day One

Wednesday, January 21 – 1100

Team Hacking Group targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeting Autel MaxiCharger AC Elite Home 40A EV Charger in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Neodyme AG (@Neodyme) targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeting ChargePoint Home Flex (Model CPH50-K) in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Taejin Kim (@_tae3_), Junsu Yeo (@junactually), Sunmin Park (@sunminpark4503), Sungmin Son (@_ssm98), Hoseok Lee of SKShieldus (@EQSTLab) of 299 targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Wednesday, January 21 – 1200

PetoWorks (@petoworks) targeting Phoenix Contact CHARX SEC-3150 in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Wednesday, January 21 – 1230

Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Synacktiv (@synacktiv) targeting Sony XAV-9500ES in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Cyrill Bannwart, Emanuele Barbeno, Yves Bieri, Lukasz D., and Urs Mueller of Compass Security (@compasssecurity) targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Wednesday, January 21 – 1400

Yannik Marchand (@kinnay) targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Hyunseok Yun, Heaeun Moon, Eungyo Seo of CIS targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points

Synacktiv (@synacktiv) targeting Infotainment USB-based Attack in the Tesla Infotainment category for a total of $35,000 and 3.5 Master of Pwn points.

Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeting EMPORIA Pro Charger Level 2 in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Cyrill Bannwart, Emanuele Barbeno, Yves Bieri, Lukasz D., Urs Mueller of Compass Security (@compasssecurity) targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Wednesday, January 21 – 1500

Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeting Autel MaxiCharger AC Elite Home 40A EV Charger in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Wednesday, January 21 – 1530

Kazuki Furukawa (@_N4NU_) of GMO Cybersecurity by Ierae targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Mia Miku Deutsch (@newbe3e) targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeting Alpitronic HYC50 - Field Mode in the Level 3 Electric Vehicle Chargers category for a total of $60,000 and 6 Master of Pwn points.

Chumy Tsai (@rm_rf_chumy), Jimmy Liu (@DrmnSamoLiu), and Jim Chen (@asef18766) at Cycraft Technology (@cycraft_corp) targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Wednesday, January 21 – 1600

Team Zeroshi targeting Phoenix Contact CHARX SEC-3150 in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Wednesday, January 21 – 1700

Interrupt Labs (@InterruptLabs) targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Donggeon Kim (@gbdngb12), Hoon Nam (@pwnstar96), Jaeho Jeong (@jeongZero), Sangsoo Jeong (@sangs00Jeong) and Wonyoung Jung (@nonetype_pwn) of 78ResearchLab targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Wednesday, January 21 – 1730

Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeting Sony XAV-9500ES in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Viettel Cyber Security (@vcslab) targeting ChargePoint Home Flex (Model CPH50-K) in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Wednesday, January 21 – 1830

TienPP from FPT NightWolf targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.  

Dong hee Kim (@heehee_0219_) and Jong geon Kim (@kimjor22) targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.  

Donggeon Kim (@gbdngb12), Hoon Nam (@pwnstar96), Jaeho Jeong (@jeongZero), Sangsoo Jeong (@sangs00Jeong) and Wonyoung Jung (@nonetype_pwn) of 78ResearchLab targeting Phoenix Contact CHARX SEC-3150 in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.  

Jonathan Conrad (@jwconrad.bsky.social) targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Wednesday, January 21 – 1900

@ExLuck99 and @gr4ss341 of ANHTUD targeting Sony XAV-9500ES in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Back to top

Day Two

Thursday, January 22 – 1030

Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Inhyung Lee, Seokhun Lee, Chulhan Park, Wooseok Kim, and Yeonseok Jang from Team MAMMOTH targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Julien COHEN-SCALI from FuzzingLabs (@FuzzingLabs) targeting Phoenix Contact CHARX SEC-3150 in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.  

Hank Chen (@hank0438) of InnoEdge Labs targeting Alpitronic HYC50 - Lab Mode in the Level 3 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.   

Autocrypt (Hoyong Jin, Jaewoo Jeong, Chanhyeok Jung, Minsoo Son, and Kisang Choi) targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Thursday, January 22 – 1130

Neodyme AG (@Neodyme) targeting Sony XAV-9500ES in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Thursday, January 22 – 1200

Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Nguyen Thanh Dat (@rewhiles) from Viettel Cyber Security (@vcslab) targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

BoredPentester (@BoredPentester) targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Thursday, January 22 – 1230

Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeting Phoenix Contact CHARX SEC-3150 in the Level 2 Electric Vehicle Chargers category with the Charging Connector Attack and Charging Connector Protocol/Signal Manipulation add-on for a total of $70,000 and 7 Master of Pwn points.

Xilokar (xilokar@mamot.fr) targeting Alpitronic HYC50 - Lab Mode in the Level 3 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Thursday, January 22 – 1300

PHP Hooligans / Midnight Blue (@midnightbluelab) targeting Autel MaxiCharger AC Elite Home 40A EV Charger in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Thursday, January 22 – 1330

Donggeon Kim (@gbdngb12), Hoon Nam (@pwnstar96), Jaeho Jeong (@jeongZero), Sangsoo Jeong (@sangs00Jeong) and Wonyoung Jung (@nonetype_pwn) of 78ResearchLab targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Kazuki Furukawa (@_N4NU_) of GMO Cybersecurity by Ierae targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Hyeongseok Lee (@fluorite_pwn), Yunje Shin (@YunjeShin), Chaeeul Hyun (@yskm_Gunter), Ingyu Yang (@Mafty5275), Hoseok Kang (@clay419), Seungyeon Park (@vvsy46), and Wonjun Choi (@won6_choi) of BoB::Takedown targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Thursday, January 22 – 1430

Autocrypt (Hoyong Jin, Jaewoo Jeong, Chanhyeok Jung, Minsoo Son, and Kisang Choi) targeting Autel MaxiCharger AC Elite Home 40A EV Charger in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Rob Blakely of Technical Debt Collectors targeting Automotive Grade Linux in the Operating System category for a total of $40,000 and 4 Master of Pwn points.

Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeting ChargePoint Home Flex (Model CPH50-K) in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Thursday, January 22 – 1500

BoredPentester (@BoredPentester) targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Slow Horses of Qrious Secure (@qriousec) targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Thursday, January 22 – 1600

Synacktiv (@synacktiv) targeting Autel MaxiCharger AC Elite Home 40A EV Charger in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeting Phoenix Contact CHARX SEC-3150 in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Thursday, January 22 – 1630

PetoWorks (@petoworks) targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) targeting ChargePoint Home Flex (Model CPH50-K) in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Thursday, January 22 – 1700

Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Thursday, January 22 – 1800

PetoWorks (@petoworks) targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Hyeongseok Lee (@fluorite_pwn), Yunje Shin (@YunjeShin), Chaeeul Hyun (@yskm_Gunter), Ingyu Yang (@Mafty5275), Hoseok Kang (@clay419), Seungyeon Park (@vvsy46), and Wonjun Choi (@won6_choi) of BoB::Takedown targeting Phoenix Contact CHARX SEC-3150 in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Thursday, January 22 – 1830

Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Hyeonjun Lee (@gul9ul), Younghun Kwon (@d0kk2bi), Hyeokjong Yun (@dig06161), Dohwan Kim (@neko__hat), Hanryeol Park (@hanR0724), Hyojin Lee (@meixploit), Jinyeong Yoon, and Youngmin Cho (@ZIEN0621) of ZIEN, Inc. targeting ChargePoint Home Flex (Model CPH50-K) in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Evan Grant (@stargravy) targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Back to top

Day Three

Friday, January 23 – 1030

Team MST targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Viettel Cyber Security (@vcslab) targeting Sony XAV-9500ES in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Slow Horses of Qrious Secure (@qriousec) targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Friday, January 23 – 1200

Slow Horses of Qrious Secure (@qriousec) targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

PetoWorks (@petoworks) targeting Grizzl-E Smart 40A in the Level 2 Electric Vehicle Chargers category with the Charging Connector Protocol/Signal Manipulation add-on for a total of $50,000 and 5 Master of Pwn points.

Friday, January 23 – 1300

Aapo Oksman, Elias Ikkelä-Koski and Mikael Kantola of Juurin Oy targeting the Alpitronic HYC50 - Lab Mode in the Level 3 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Friday, January 23 – 1330

Nguyen Thanh Dat (@rewhiles) from Viettel Cyber Security (@vcslab) targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Autocrypt (Hoyong Jin, Jaewoo Jeong, Chanhyeok Jung, Minsoo Son, Kisang Choi) targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Friday, January 23 – 1500

Elias Ikkelä-Koski and Aapo Oksman of Juurin Oy targeting Kenwood DNR1007XR in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

Ryo Kato (@Pwn4S0n1c) targeting the Autel MaxiCharger AC Elite Home 40A EV Charger in the Level 2 Electric Vehicle Chargers category for a total of $40,000 and 4 Master of Pwn points.

Nam Ha Bach and Vu Tien Hoa from FPT NightWolf Team targeting Alpine iLX-F511 in the In-Vehicle Infotainment (IVI) category for a total of $20,000 and 2 Master of Pwn points.

The Results 

Follow the action live! We’ll be posting real-time updates and results throughout the competition on our blog and across social media. Stay up to date by following us on Twitter, Mastodon, LinkedIn, and Bluesky, and join the conversation using #Pwn2Own Automotive and #P2OAuto for continuous coverage. 

I may be in Tokyo preparing for Pwn2Own Automotive, but that doesn’t stop patch Tuesday from coming. Put aside your broken New Year’s resolutions for just a moment as we review the latest security patches from Adobe and Microsoft. If you’d rather watch the full video recap covering the entire release, you can check it out here:

Adobe Patches for January 2026

For January, Adobe released 11 bulletins addressing 25 unique CVEs in Adobe Dreamweaver, InDesign, Illustrator, InCopy, Bridge, Substance 3D Modeler, Substance 3D Stager, Substance 3D Painter, Substance 3D Sampler, Substance 3D Designer, and ColdFusion. The patch for ColdFusion fixes a single code execution bug, but the update is listed as Priority 1. It isn’t publicly known or under active attack, though. The fix for Dreamweaver corrects five Critical-rated code execution bugs. The update for InDesign also has five CVEs, but only four are rated Critical. The Substance 3D Modeler patch contains six fixes total, but only two are for arbitrary code execution.

The patch for Substance 3D Stager fixes a single, Critical-rated code execution bug. That’s the same story for Substance 3D Painter, Adobe Bridge, and InCopy. The patch for Substance 3D Sampler is a bit odd. It states that it was released in August but updated today. The CVE is from 2026, so this may just be a clerical error. The patch for Substance 3D Designer fixes a single Important-severity memory leak. Finally, the fix for Illustrator includes one Critical-rated and one Important-severity bug.

None of the bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release. Besides the fix for ColdFusion, all of the updates released by Adobe this month are listed as deployment priority 3.

Microsoft Patches for January 2026

Microsoft kicks off the new year with a bang, dropping 112 new CVEs in Windows and Windows components, Office and Office Components, Azure, Microsoft Edge (Chromium-based), SharePoint Server, SQL Server, SMB Server, and Windows Management Services.

One of these bugs came through the ZDI program. Of the patches released today, eight are rated Critical while the rest are rated Important in severity. Counting the third-party Chromium updates listed in the release, it brings to total number of CVEs to 114.

It’s not uncommon to see a large release in January. I suspect vendors hold off on certain updates through the holiday season to prevent disruptions should patches fail or cause application compatibility issues. This results in a large January release. Last year was Microsoft’s second busiest in terms of CVEs released. We’ll see if they top that in 2026.

Microsoft lists one bug under active attack, but two others as publicly known at the time of the release (although I think that number should be three). Let’s take a closer look at some of the more interesting updates for this month, starting with the bug under active attack:

-    CVE-2026-20805 - Desktop Window Manager Information Disclosure Vulnerability
It’s a bit unusual to see an information disclosure bug exploited in the wild, but that’s what we have here. This bug allows an attacker to leak a section address from a remote ALPC port. Presumably, threat actors would then use the address in the next stage of their exploit chain – probably gaining arbitrary code execution. This shows how memory leaks can be as important as code execution bugs since they make the RCEs reliable. As always, Microsoft offers no indication of how widespread these exploits may be, but considering the source, they are likely limited.

-    CVE-2026-21265 - Secure Boot Certificate Expiration Security Feature Bypass Vulnerability
While unlikely to be exploited, this bug could cause quite a bit of headaches for administrators. You will need to update the expiring certificates to continue receiving security updates or trusting new boot loaders. Again, the chances this CVE gets exploited are low. However, the chance this CVE gets ignored and devices using Secure Boot don’t receive patches is quite high. Also, this is listed as publicly known, but that just means Microsoft published information about this months ago.

-    CVE-2026-20952/202953 - Microsoft Office Remote Code Execution Vulnerability
Another month with Preview Pane exploit vectors in an Office bug. While we are still unaware of any exploitation of these bugs, they keep adding up. It’s only a matter of time until threat actors find a way to use these types of bugs in their exploits. If you are concerned about these, you can take the extra precaution of disabling the Preview Pane, which at least prevents exploitation without user interaction.

-    CVE-2026-20876 – Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
VBS is a newer security feature in Windows, and Virtual Trust Levels (VTL) serve as different privilege levels. VTL2 is currently the highest privileged level, and this bug allows attackers to escalate to VTL2. Microsoft doesn’t say if you need to be at VTL0 or VTL1 to exploit this bug. As far as I can recall, this is the first VTL escalation bug patched within VBS. Microsoft lists this as CVSS 6.7, but I believe this is a scope change since you’re traversing VTL levels. Taking that into consideration makes the  CVSS score 8.2 (High).

Here’s the full list of CVEs released by Microsoft for January 2026:

CVE	Title	Severity	CVSS	Public	Exploited	Type
CVE-2026-20805	Desktop Window Manager Information Disclosure Vulnerability	Important	5.5	No	Yes	Info
CVE-2023-31096 *	MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability	Important	7.8	Yes	No	EoP
CVE-2026-21265 †	Secure Boot Certificate Expiration Security Feature Bypass Vulnerability	Important	6.4	Yes	No	SFB
CVE-2024-55414 *	Windows Motorola Soft Modem Driver Elevation of Privilege Vulnerability	Important	7.8	Yes*	No	EoP
CVE-2026-20955	Microsoft Excel Remote Code Execution Vulnerability	Critical	7.8	No	No	RCE
CVE-2026-20957	Microsoft Excel Remote Code Execution Vulnerability	Critical	7.8	No	No	RCE
CVE-2026-20952	Microsoft Office Remote Code Execution Vulnerability	Critical	8.4	No	No	RCE
CVE-2026-20953	Microsoft Office Remote Code Execution Vulnerability	Critical	8.4	No	No	RCE
CVE-2026-20944	Microsoft Word Remote Code Execution Vulnerability	Critical	7.8	No	No	RCE
CVE-2026-20822	Windows Graphics Component Elevation of Privilege Vulnerability	Critical	7.8	No	No	EoP
CVE-2026-20854	Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability	Critical	7.5	No	No	RCE
CVE-2026-20876	Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability	Critical	6.7	No	No	EoP
CVE-2026-21224	Azure Connected Machine Agent Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21226	Azure Core shared client library for Python Remote Code Execution Vulnerability	Important	7.5	No	No	RCE
CVE-2026-20815	Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-20830	Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-21221	Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-20835	Capability Access Management Service (camsvc) Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20851	Capability Access Management Service (camsvc) Information Disclosure Vulnerability	Important	6.2	No	No	Info
CVE-2026-20871	Desktop Windows Manager Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20814	DirectX Graphics Kernel Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-20836	DirectX Graphics Kernel Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-20962	Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability	Important	4.4	No	No	Info
CVE-2026-20941	Host Process for Windows Tasks Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-21219	Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability	Important	7	No	No	RCE
CVE-2026-20812	LDAP Tampering Vulnerability	Important	6.5	No	No	Tampering
CVE-2026-20842	Microsoft DWM Core Library Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-20946	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-20950	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-20956	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-20949	Microsoft Excel Security Feature Bypass Vulnerability	Important	7.8	No	No	SFB
CVE-2026-20943	Microsoft Office Click-To-Run Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-20958	Microsoft SharePoint Information Disclosure Vulnerability	Important	5.4	No	No	Info
CVE-2026-20963	Microsoft SharePoint Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-20947	Microsoft SharePoint Server Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-20951	Microsoft SharePoint Server Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-20959	Microsoft SharePoint Server Spoofing Vulnerability	Important	4.6	No	No	Spoofing
CVE-2026-20803 †	Microsoft SQL Server Elevation of Privilege Vulnerability	Important	7.2	No	No	EoP
CVE-2026-20847	Microsoft Windows File Explorer Spoofing Vulnerability	Important	6.5	No	No	Spoofing
CVE-2026-20948	Microsoft Word Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-20872	NTLM Hash Disclosure Spoofing Vulnerability	Important	6.5	No	No	Spoofing
CVE-2026-20925	NTLM Hash Disclosure Spoofing Vulnerability	Important	6.5	No	No	Spoofing
CVE-2026-20821	Remote Procedure Call Information Disclosure Vulnerability	Important	6.2	No	No	Info
CVE-2026-20826	Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20827	Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20829	TPM Trustlet Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20811	Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20863	Win32k Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-20920	Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20965	Windows Admin Center Elevation of Privilege Vulnerability	Important	7.5	No	No	EoP
CVE-2026-20810	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20831	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-20860	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20839	Windows Client-Side Caching (CSC) Service Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20844	Windows Clipboard Server Elevation of Privilege Vulnerability	Important	7.4	No	No	EoP
CVE-2026-20857	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20940	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20820	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20864	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-0386 †	Windows Deployment Services Remote Code Execution Vulnerability	Important	7.5	No	No	RCE
CVE-2026-20817	Windows Error Reporting Service Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20808	Windows File Explorer Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-20823	Windows File Explorer Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20932	Windows File Explorer Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20937	Windows File Explorer Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20939	Windows File Explorer Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20804	Windows Hello Tampering Vulnerability	Important	7.7	No	No	Tampering
CVE-2026-20852	Windows Hello Tampering Vulnerability	Important	7.7	No	No	Tampering
CVE-2026-20929	Windows HTTP.sys Elevation of Privilege Vulnerability	Important	7.5	No	No	EoP
CVE-2026-20825	Windows Hyper-V Information Disclosure Vulnerability	Important	4.4	No	No	Info
CVE-2026-20816	Windows Installer Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20849	Windows Kerberos Elevation of Privilege Vulnerability	Important	7.5	No	No	EoP
CVE-2026-20833 †	Windows Kerberos Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20818	Windows Kernel Information Disclosure Vulnerability	Important	6.2	No	No	Info
CVE-2026-20838	Windows Kernel Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20809	Windows Kernel Memory Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20859	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20875	Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2026-20869	Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability	Important	7	No	No	EoP
CVE-2026-20858	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20861	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20865	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20866	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20867	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20873	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20874	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20877	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20918	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20923	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20924	Windows Management Services Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20862	Windows Management Services Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20837	Windows Media Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-20936	Windows NDIS Information Disclosure Vulnerability	Important	4.3	No	No	Info
CVE-2026-20840	Windows NTFS Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-20922	Windows NTFS Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2026-20824	Windows Remote Assistance Security Feature Bypass Vulnerability	Important	5.5	No	No	SFB
CVE-2026-20832	Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20828	Windows rndismp6.sys Information Disclosure Vulnerability	Important	4.6	No	No	Info
CVE-2026-20843	Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20868	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2026-20856	Windows Server Update Service (WSUS) Remote Code Execution Vulnerability	Important	8.1	No	No	RCE
CVE-2026-20927	Windows SMB Server Denial of Service Vulnerability	Important	5.3	No	No	DoS
CVE-2026-20848	Windows SMB Server Elevation of Privilege Vulnerability	Important	7.5	No	No	EoP
CVE-2026-20919	Windows SMB Server Elevation of Privilege Vulnerability	Important	7.5	No	No	EoP
CVE-2026-20921	Windows SMB Server Elevation of Privilege Vulnerability	Important	7.5	No	No	EoP
CVE-2026-20926	Windows SMB Server Elevation of Privilege Vulnerability	Important	7.5	No	No	EoP
CVE-2026-20934	Windows SMB Server Elevation of Privilege Vulnerability	Important	7.5	No	No	EoP
CVE-2026-20834	Windows Spoofing Vulnerability	Important	4.6	No	No	Spoofing
CVE-2026-20931	Windows Telephony Service Elevation of Privilege Vulnerability	Important	8	No	No	EoP
CVE-2026-20938	Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-20819	Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2026-20935	Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability	Important	6.2	No	No	Info
CVE-2026-20853	Windows WalletService Elevation of Privilege Vulnerability	Important	7.4	No	No	EoP
CVE-2026-20870	Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2026-0628 *	Chromium: CVE-2026-0628 Insufficient policy enforcement in WebView tag	High	N/A	No	No	SFB

* Indicates this CVE had been released by a third party and is now being included in Microsoft releases.

† Indicates further administrative actions are required to fully address the vulnerability.

 

Moving on to the other Critical-rated bugs in this month’s release, there are a couple of odd Excel vulns receiving patches. Initially, I though the Preview Pane would be involved, but it isn’t. In fact, it’s not clear what makes these Critical at all. That’s not true for the Word bug, where the Preview Pane is an attack vector. The bug in LSASS allows for code execution over a network, but you need to be authenticated. The final Critical bug is a privilege escalation involving GPU paravirtualization and could lead to local users executing code as SYSTEM. For some reason, I feel like we have just scratched the surface with GPU-related bugs.

Taking a look at the other code execution vulnerabilities in this month’s release, there’s the standard open-and-own bugs in Word and Excel. The SharePoint bugs require authentication, but almost every authenticated user will have the needed permissions. There is an interesting SharePoint bug reported by former ZDI analyst Piotr Bazydło. This one doesn’t require authentication but does require user interaction such as importing a malicious WSDL or opening a file. The bug in WSUS looks frightening, but it requires a machine-in-the-middle (MiTM) to exploit the issue. The two bugs in NTFS require authentication. The vuln in Azure Core requires an attacker to change a valid token to be malicious, which requires “developer-type authentication” – whatever that means.

The final code execution bug for January requires extra steps for remediation. Microsoft is removing the hands-free deployment feature of Windows Deployment Services. This means you will need to audit your enterprise to find systems configured with hands-free deployments. From there, you’ll need to opt if for protection in the immediate future. You’ll also need to have a plan to migrate these systems to something other than hands free prior to Microsoft removing the feature in mid-2026.

Elevation of Privilege (EoP) bugs make up the vast majority of this release, but most simply lead to local attackers executing their code at SYSTEM-level privileges or administrative privileges. There are also quite a few bugs that allow attackers to move from Low to Medium integrity to escape AppContainer isolation. These bugs are mostly in the Windows Management Services. There is one bug that leads to “Kernel Memory Access” – whatever that means. There’s another bug that leads to change VTL levels, but this one only gets you VTL1 access. The bug in the Windows Admin Center (WAC) is interesting as it could allow attackers to gain local admin privileges on targeted WAC-managed machines within a tenant. This gives the attacker the ability to interact with other tenant’s applications and content. The bug in WalletService only leads to the privileges of the compromised user. That’s the same for the File Explorer bug. The bug in SQL Server allows an attacker to gain debugging privileges, including the ability to dump memory. As always, SQL admins will need to take extra steps for full remediation of this issue. The final EoP is actually from 2024. Microsoft doesn’t list this as public, but I do. There have already been press articles describing this vulnerability. The bug is in the Motorola Soft Modem drivers, which ship be default on supported Windows OS systems. It’s a deprecated piece of gear, so rather than fix the driver, Microsoft is simply removing the driver completely.

There are a couple of additional security feature bypass bugs to discuss. The first is in Excel, and it could allow attackers to bypass macro protections. It also requires some user interaction, so it’s not just an open-and-own bug. The bug in Remote Assistance allows attacker to evade Mark of the Web (MotW) protections.

There are quite a few information disclosure bug receiving fixes this month. Many only result in info leaks consisting of unspecified memory contents or memory addresses, but there are multiple exceptions. The bug in CamSvc discloses the ever popular “sensitive information”. Another CamSvc bug discloses the memory of the Capability Access Manager service. There are a couple of bugs that allow someone in VTL0 to view VTL1 data – again, a first as far as I know. Windows File Explorer has a few bugs that could disclose an address outside of a sandbox. That would certainly be useful for sandbox escapes. The bug in Kerberos doesn’t sound all that exciting, but it requires additional steps after installing the patch. The bug in TPM allows attacker to disclose “secrets or privileged information belonging to the user of the affected application.” The vulnerability in the Dynamic Root of Trust for Measurement (DRTM) component discloses cryptographic secrets. The Hyper-V bug is fascinating as it allows attackers to disclose data from a Guest VM to Hyper-V host server, bypassing the virtualization security boundary. Finally, the SharePoint info disclosure is interesting as it allows the exposure of data returned from outbound requests SharePoint makes on the attacker’s behalf. It’s like the attacker can use an affected system to perform reconnaissance on their behalf.

The January release contains five fixes for spoofing bugs, although some of the descriptions about the bugs themselves are quite obtuse. We can say the bug in SharePoint is a cross-site scripting (XSS) bug. Two of the bugs simply state that they allow spoofing over a network. The bugs in NTLM Hash Disclosure are least list the fact that user interaction is required.

Speaking of unclear descriptions, there are three bugs with the ever-ineffable Tampering impact. Two are in Windows Hello and allow “an unauthorized attacker to perform tampering locally.” That likely means they can abuse the Hello component to bypass it, but that’s not clearly stated. Similarly, the LDAP bug just states it could allow tampering over a network.

Finally, there are two denial-of-service bugs in SMB and LSASS. However, Microsoft provides no real information about these bugs, just that an attacker could use them to deny service over a network. At least they note the SMB bug requires authentication.

No new advisories are being released this month.

Looking Ahead

Assuming I survive Pwn2Own automotive and haven’t transformed into a giant piece of sushi, I’ll be back for the February release on the 10th. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!