CVE-2022-26904CISA KEVEPSS p94.9%

CVE-2022-26904Microsoft Windows User Profile Service Privilege Escalation Vulnerability

Microsoft / Windows

Description

Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.

Scoring

EPSS9.74% probability of exploitation · percentile 94.9% · 2026-06-19T12:03:05Z

CISA KEV entry

Added to KEV: 2022-04-25

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft Windows User Profile Service Privilege Escalation Vulnerabilitykev-cve-2022-269040%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
CVE
Microsoft Windows Win32k Privilege Escalation Vulnerability
CVE
Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability
CVE
Microsoft Windows Update Medic Service Privilege Escalation Vulnerability
CVE
Microsoft Windows Kernel Privilege Escalation Vulnerability
CVE
Microsoft Windows Improper Privilege Management Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.