Microsoft: >> Malware Protection Engine Security Vulnerabilities
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.
CVSS Score
7.8
EPSS Score
0.003
Published
2026-06-16
Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network.
CVSS Score
8.1
EPSS Score
0.009
Published
2026-05-20
CVE-2026-41091
Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.
Known exploited
CVSS Score
7.8
EPSS Score
0.012
Published
2026-05-20
Microsoft Defender Elevation of Privilege Vulnerability
CVSS Score
6.3
EPSS Score
0.003
Published
2023-07-11
Microsoft Defender Denial of Service Vulnerability
CVSS Score
7.5
EPSS Score
0.03
Published
2023-04-11
Microsoft Defender Elevation of Privilege Vulnerability
CVSS Score
6.3
EPSS Score
0.003
Published
2023-03-14
Microsoft Windows Defender Elevation of Privilege Vulnerability
CVSS Score
7.1
EPSS Score
0.006
Published
2022-10-11
Microsoft Defender Denial of Service Vulnerability
CVSS Score
5.5
EPSS Score
0.026
Published
2022-04-15
Microsoft Defender Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.055
Published
2021-11-10
Microsoft Windows Defender Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.004
Published
2021-08-12
Page 1