CVE-2026-41091: Microsoft Defender Link Following Vulnerability. Microsoft
Microsoft Defender Link Following Vulnerability. Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.
- CISA KEV-listed (remediation due 2026-06-03)
- EPSS 8.2% (92.4% percentile)