CVE-2026-48565
Analyzed - Analysis Complete

Untrusted Search Path in Windows Narrator Braille

Publication date: 2026-06-09

Last updated on: 2026-06-12

Assigner: Microsoft Corporation

Description

Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally.

Meta Information

Published: 2026-06-09
Last Modified: 2026-06-12
Generated: 2026-06-30
AI Q&A: 2026-06-10
EPSS Evaluated: 2026-06-28

Affected Vendors & Products

Showing 1 associated CPE

Vendor: microsoft
Product: windows_narrator_braille
Version / Range: *

CWE

CWE ID: CWE-426
Description: The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

Mitigation Strategies

To mitigate the untrusted search path vulnerability in Windows Narrator Braille, ensure that only trusted directories are included in the search path and apply any available security updates from Microsoft.

Since this vulnerability allows an authorized attacker to elevate privileges locally, restricting local user permissions and monitoring for unusual privilege escalation attempts can also help reduce risk.

Executive Summary

This vulnerability is an untrusted search path issue in Windows Narrator Braille. It allows an authorized attacker to elevate their privileges locally on the affected system.

Impact Analysis

The vulnerability can lead to an elevation of privilege, meaning an attacker with some level of access could gain higher-level permissions. This can result in full control over the affected system, potentially compromising confidentiality, integrity, and availability.

Compliance Impact

The provided information does not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.
