CVE-2025-26633: Microsoft Windows Management Console (MMC) Improper
Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability. Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability that allows an unauthorized attacker to bypass a security feature locally.
- CISA KEV-listed (remediation due 2025-04-01)
- used in ransomware campaigns
- EPSS 46.6% (97.7% percentile)