KEV Entry: CVE-2026-25187

Entry Details

Confirmed Exploited

Vulnerability ID

CVE-2026-25187

Status Updated At

2026-04-19 13:49 UTC

Timestamps

First Seen At

2026-04-19

Asserted At

2026-04-19

Scope

Notes

KEVIntel entry: Winlogon Elevation of Privilege Vulnerability | Affected: Microsoft / Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation) | CVSS: 7.8 (HIGH) | Used in malware: unknown | Not yet in CISA KEV: True

References

{'id': 'CVE-2026-25187', 'url': 'https://www.cve.org/CVERecord?id=CVE-2026-25187'}
{'id': 'kevintel', 'url': 'https://kevintel.com/vuln/CVE-2026-25187'}

Entry UUID

eb97edde-e125-4fca-b1bf-780359c44eb3

Catalog Origin UUID

caeb2787-0d58-4236-9039-7c86c3e566f3

Created

2026-06-19 12:45 UTC

Last Updated

2026-06-19 12:45 UTC

Evidence

1

Type Source Signal Confidence Details GCVE Metadata

Type	Source	Signal	Confidence	Details	GCVE Metadata
public_report	kevintel	successful_exploitation	0.70	View details { "added_date": "2026-04-19T13:49:43.340Z", "ahead_of_cisa_kev": null, "cvss_score": 7.8, "cvss_severity": "HIGH", "epss_percentile": null, "epss_score": null, "feed": "KEVIntel (kevintel.com)", "not_yet_in_cisa_kev": true, "product": "Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)", "title": "Winlogon Elevation of Privilege Vulnerability", "used_in_malware": "unknown", "vendor": "Microsoft" }	-

public_report

kevintel

successful_exploitation

0.70

View details

{
  "added_date": "2026-04-19T13:49:43.340Z",
  "ahead_of_cisa_kev": null,
  "cvss_score": 7.8,
  "cvss_severity": "HIGH",
  "epss_percentile": null,
  "epss_score": null,
  "feed": "KEVIntel (kevintel.com)",
  "not_yet_in_cisa_kev": true,
  "product": "Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)",
  "title": "Winlogon Elevation of Privilege Vulnerability",
  "used_in_malware": "unknown",
  "vendor": "Microsoft"
}

-

Export Options

JSON Object JSON API View Full Catalog