Vulnerability intelligence

CVE-2026-45586

Improper link resolution before file access ('link following') in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileges locally.

CVSS Score

7.8

High

EPSS — Exploit Probability

0.1%

Riskier than 30% of all CVEs

Exploitation

Not in CISA KEV

No federal exploitation record

Remediation

Patch available

Vendor fix published

NVD entry Vendor patch PoC / advisory

5 articles across 5 outlets · first covered Jun 9, 2026 · latest Jun 10, 2026

Tracked incidents

vulnerability open 11 articles

Microsoft June 2026 Patch Tuesday fixes 206 flaws, including CVE-2026-49160 zero‑day

Coverage timeline

Microsoft patches record 206 flaws, fixing three zero‑day bugs
www.malwarebytes.com · Jun 10, 2026
Microsoft patches 200 flaws, zero day BitLocker bypass urgent
www.infosecurity-magazine.com · Jun 10, 2026
Microsoft Patch Tuesday fixes 206+ flaws amid zero day exploits
securityonline.info · Jun 10, 2026
Microsoft patches CVE-2026-45586 zero day after researcher clash
arstechnica.com · Jun 9, 2026
Microsoft fixes 200 bugs in June, none exploited, dozens critical
www.securityweek.com · Jun 9, 2026