CVE-2026-57091
Windows File History Service Elevation of Privilege Vulnerability
Description
Stack-based buffer overflow in Windows File History Service allows an authorized attacker to elevate privileges locally.
In plain language
AI Act nowCVE-2026-57091 is a Windows flaw that lets someone with limited access run code with much higher privileges; most small businesses should treat it as urgent because it can lead to full system takeover on affected Windows machines.
CVE-2026-57091 is a local stack-based buffer overflow in the Windows File History Service that allows an authorized attacker with low-level privileges to elevate to high/system control without any user interaction.
What to do now
- Check which of these systems you run: Windows 10, Windows 11, or Windows Server 2016/2019/2022/2025, and confirm they’re at the version levels shown in Microsoft’s CVE update page.
- Install the Microsoft security update for CVE-2026-57091 as directed on the MSRC update guide.
- Verify the update is fully applied (system restart if required) and that Windows Update shows the CVE-related patch as installed.
CVSS Vector Breakdown
AV:LAttack VectorAC:LAttack ComplexityPR:LPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:HIntegrityA:HAvailabilityWeaknesses
Affected Products
Exploitability
Attack Graph
Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/⌘ + scroll to zoom, or go fullscreen.
MITRE ATT&CK
1 techniqueReferences
- Microsoft and Adobe Patch Tuesday, July 2026 Security Update Reviewen-us·Qualys Security Blog·
- Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilitiesen·Cisco Talos·
- Microsoft Patch Tuesday July 2026 - The AI Acopolypse is Hereen·SANS Internet Storm Center·
- Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-daysen-us·BleepingComputer·
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-57091 and every CVE in our database. Create a free account — no credit card required.
Create Free Account