CVE-2026-54111

Published Jul 14, 2026

Last updated 12 hours ago

Overview

Description
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.
Source
secure@microsoft.com
NVD status
Analyzed
Products
windows_11_24h2, windows_11_25h2, windows_11_26h1, windows_server_2025

Risk scores

CVSS 3.1

Type
Secondary
Base score
7
Impact score
5.9
Exploitability score
1
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-125

Social media

Hype score
Not currently trending

Configurations

References

Sources include official advisories and independent security research.