CVE-2026-20844 - Vulnerability Details

- Windows Clipboard Server Elevation of Privilege Vulnerability

Description

Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally.

Published: 2026-01-13

Score: 7.4 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability is a use‑after‑free flaw in the Windows Clipboard Server, classified as a race condition (CWE‑362) and a use‑after‑free (CWE‑416). Exploitation permits an unauthenticated local user to gain elevated privileges on the affected system. The flaw resides in the clipboard service’s handling of memory, allowing malicious code to be executed with higher privileges when a specific sequence of memory allocation and deallocation occurs. The impact is that an attacker who is able to run arbitrary code locally can elevate their access level to system or administrator, potentially enabling further compromise of the machine.

Affected Systems

Affected systems include Microsoft Windows 10 versions 1607, 1809, 21H2, and 22H2; Microsoft Windows 11 versions 23H2, 24H2, 25H2, and 22H3; and Microsoft Windows Server releases 2016, 2019, 2022, and 2025, including Server Core installations.

Risk and Exploitability

The CVSS v3.1 score of 7.4 indicates a high severity local privilege escalation, while an EPSS rating of less than 1 % suggests that exploitation attempts are currently rare. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog, so no publicly documented exploit is known. Attackers would need to execute code on the target machine, making the attack vector local. However, once local access is achieved, the flaw can be leveraged to raise privileges, bypassing security controls that rely on user privilege separation.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Microsoft

Windows 10 Version 1607

affected

Version	Status	Constraints
`10.0.14393.0`	affected	< 10.0.14393.8783

Microsoft

Windows 10 Version 1809

affected

Version	Status	Constraints
`10.0.17763.0`	affected	< 10.0.17763.8276

Microsoft

Windows 10 Version 21H2

affected

Version	Status	Constraints
`10.0.19044.0`	affected	< 10.0.19044.6809

Microsoft

Windows 10 Version 22H2

affected

Version	Status	Constraints
`10.0.19045.0`	affected	< 10.0.19045.6809

Microsoft

Windows 11 version 22H3

affected

Version	Status	Constraints
`10.0.22631.0`	affected	< 10.0.22631.6491

Microsoft

Windows 11 Version 23H2

affected

Version	Status	Constraints
`10.0.22631.0`	affected	< 10.0.22631.6491

Microsoft

Windows 11 Version 24H2

affected

Version	Status	Constraints
`10.0.26100.0`	affected	< 10.0.26100.7623

Microsoft

Windows 11 Version 25H2

affected

Version	Status	Constraints
`10.0.26200.0`	affected	< 10.0.26200.7623

Microsoft

Windows Server 2016

affected

Version	Status	Constraints
`10.0.14393.0`	affected	< 10.0.14393.8783

Microsoft

Windows Server 2016 (Server Core installation)

affected

Version	Status	Constraints
`10.0.14393.0`	affected	< 10.0.14393.8783

Microsoft

Windows Server 2019

affected

Version	Status	Constraints
`10.0.17763.0`	affected	< 10.0.17763.8276

Microsoft

Windows Server 2019 (Server Core installation)

affected

Version	Status	Constraints
`10.0.17763.0`	affected	< 10.0.17763.8276

Microsoft

Windows Server 2022

affected

Version	Status	Constraints
`10.0.20348.0`	affected	< 10.0.20348.4648

Microsoft

Windows Server 2022, 23H2 Edition (Server Core installation)

affected

Version	Status	Constraints
`10.0.25398.0`	affected	< 10.0.25398.2092

Microsoft

Windows Server 2025

affected

Version	Status	Constraints
`10.0.26100.0`	affected	< 10.0.26100.32230

Microsoft

Windows Server 2025 (Server Core installation)

affected

Version	Status	Constraints
`10.0.26100.0`	affected	< 10.0.26100.32230

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_10_1607:::::::x64:*
	cpe:2.3:o:microsoft:windows_10_1607:::::::x86:*
	cpe:2.3:o:microsoft:windows_10_1809:::::::x64:*
	cpe:2.3:o:microsoft:windows_10_1809:::::::x86:*
	cpe:2.3:o:microsoft:windows_10_21h2::::::::
	cpe:2.3:o:microsoft:windows_10_22h2::::::::
	cpe:2.3:o:microsoft:windows_11_23h2::::::::
	cpe:2.3:o:microsoft:windows_11_24h2::::::::
	cpe:2.3:o:microsoft:windows_11_25h2::::::::
	cpe:2.3:o:microsoft:windows_server_2016::::::::
	cpe:2.3:o:microsoft:windows_server_2019::::::::
	cpe:2.3:o:microsoft:windows_server_2022::::::::
	cpe:2.3:o:microsoft:windows_server_2022_23h2::::::::
	cpe:2.3:o:microsoft:windows_server_2025::::::::

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the official Microsoft security update that addresses the clipboard server use‑after‑free flaw for the affected Windows releases. The update can be obtained via the Microsoft Security Update Guide or Windows Update.
Restart the system after the patch is applied to ensure the Clipboard Server restarts with the updated code.
Verify clipboard functionality by performing a simple copy‑and‑paste operation between two applications, ensuring the Clipboard Server operates correctly.
Monitor the Windows Event Log for any Clipboard Server related errors or audit events following the update.

Generated by OpenCVE AI on April 16, 2026 at 18:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20844

History

Thu, 15 Jan 2026 14:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 23h2 Microsoft windows 11 24h2 Microsoft windows 11 25h2 Microsoft windows Server 2022 23h2
CPEs		cpe:2.3:o:microsoft:windows_10_1607:::::::x64:* cpe:2.3:o:microsoft:windows_10_1809:::::::x64:* cpe:2.3:o:microsoft:windows_10_21h2:::::::: cpe:2.3:o:microsoft:windows_10_22h2:::::::: cpe:2.3:o:microsoft:windows_11_23h2:::::::: cpe:2.3:o:microsoft:windows_11_24h2:::::::: cpe:2.3:o:microsoft:windows_11_25h2:::::::: cpe:2.3:o:microsoft:windows_server_2022_23h2::::::::
Vendors & Products		Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 23h2 Microsoft windows 11 24h2 Microsoft windows 11 25h2 Microsoft windows Server 2022 23h2

Wed, 14 Jan 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 13 Jan 2026 18:15:00 +0000

Type	Values Removed	Values Added
Description		Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally.
Title		Windows Clipboard Server Elevation of Privilege Vulnerability
First Time appeared		Microsoft Microsoft windows 10 1607 Microsoft windows 10 1809 Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 23h2 Microsoft windows 11 24h2 Microsoft windows 11 25h2 Microsoft windows Server 2016 Microsoft windows Server 2019 Microsoft windows Server 2022 Microsoft windows Server 2025 Microsoft windows Server 23h2
Weaknesses		CWE-362 CWE-416
CPEs		cpe:2.3:o:microsoft:windows_10_1607:::::::x86:* cpe:2.3:o:microsoft:windows_10_1809:::::::x86:* cpe:2.3:o:microsoft:windows_10_21H2:::::::x86:* cpe:2.3:o:microsoft:windows_10_22H2:::::::x64:* cpe:2.3:o:microsoft:windows_11_23H2:::::::arm64:* cpe:2.3:o:microsoft:windows_11_23H2:::::::x64:* cpe:2.3:o:microsoft:windows_11_24H2:::::::arm64:* cpe:2.3:o:microsoft:windows_11_25H2:::::::arm64:* cpe:2.3:o:microsoft:windows_server_2016:::::::: cpe:2.3:o:microsoft:windows_server_2019:::::::: cpe:2.3:o:microsoft:windows_server_2022:::::::: cpe:2.3:o:microsoft:windows_server_2025:::::::: cpe:2.3:o:microsoft:windows_server_23h2::::::::
Vendors & Products		Microsoft Microsoft windows 10 1607 Microsoft windows 10 1809 Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 23h2 Microsoft windows 11 24h2 Microsoft windows 11 25h2 Microsoft windows Server 2016 Microsoft windows Server 2019 Microsoft windows Server 2022 Microsoft windows Server 2025 Microsoft windows Server 23h2
References		https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20844
Metrics		cvssV3_1 `{'score': 7.4, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}`

Subscriptions

Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 Windows 10 21h2 Windows 10 22h2 Windows 10 22h2 Windows 11 23h2 Windows 11 23h2 Windows 11 24h2 Windows 11 24h2 Windows 11 25h2 Windows 11 25h2 Windows Server 2016 Windows Server 2019 Windows Server 2022 Windows Server 2022 23h2 Windows Server 2025 Windows Server 23h2

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2026-01-13T17:56:28.249Z

Updated: 2026-04-01T13:48:37.946Z

Reserved: 2025-12-03T05:54:20.376Z

Link: CVE-2026-20844

Vulnrichment

Updated: 2026-01-13T19:36:08.388Z

NVD

Status : Analyzed

Published: 2026-01-13T18:16:12.977

Modified: 2026-01-15T14:07:56.220

Link: CVE-2026-20844

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T18:30:10Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object