CVE-2026-42834

Daily digests

A symlink-following bug in Azure Portal's Windows Admin Center lets a local attacker who already has some level of access escalate to higher privileges. This requires local access and an authenticated session, so it's not remotely exploitable on its own. It's a privilege escalation play, most dangerous if an attacker already has a foothold.

• Daily Digest · May 21, 2026

  Cisco Secure Workload CVSS 10, no auth needed