CISA warns of active exploit in Microsoft Defender CVE-2026-41091

THE CISA maintains a Known Exploited Vulnerabilities (KEV) Catalog to assist organizations in managing vulnerabilities and staying updated on threat activities. The current entry details a vulnerability in Microsoft Defender (CVE-2026-41091), which allows an authorized attacker to elevate privileges locally. Related classifications include CWE-59. Organizations are advised to apply vendor mitigation instructions or consider discontinuing the use of the product if mitigations are unavailable. The catalog is available in various formats, including CSV and JSON, and users can subscribe for updates.