Description
Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
Published: 2026-04-14
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

A use‑after‑free bug in the Windows Print Spooler components allows an attacker who already has local access to exploit the spooler and gain higher privileges. The vulnerability falls under CWE‑416 and can potentially lead to the execution of arbitrary code with elevated rights, compromising system integrity and allowing the attacker to bypass security controls.

Affected Systems

Affected systems are Microsoft Windows 11 versions 24H2, 25H2, and 26H1, as well as Windows Server 2022 (23H2 edition) and Windows Server 2025, including Server Core installations. These operating systems contain the vulnerable Print Spooler service that developers have identified in the recent security advisory.

Risk and Exploitability

The CVSS score of 7.8 indicates a high severity local privilege escalation. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog, suggesting no known active exploits in the wild yet. The attack requires a local user with the ability to submit malicious print jobs or otherwise interact with the spooler, making it a local abuse scenario rather than a network‑based vector.

Generated by OpenCVE AI on April 14, 2026 at 19:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the official Microsoft Security Update for CVE-2026-33101 by downloading and installing the patch available from the Microsoft Security Response Center website.
  • If the patch is not yet available, mitigate by disabling the Print Spooler service until the update can be applied.
  • Verify the patch or service status to confirm the vulnerability is addressed or the Print Spooler has been stopped.

Advisories

No advisories yet.

History

Fri, 17 Apr 2026 19:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Microsoft windows Server 2022 23h2 |
| CPEs | | cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* |
| | | cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* |
| | | cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:* |
| | | cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:* |
| | | cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:* |
| | | cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:* |
| | | cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* |
| Vendors & Products | | Microsoft windows Server 2022 23h2 |

Wed, 15 Apr 2026 15:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Microsoft windows 11 24h2 |
| | | Microsoft windows 11 25h2 |
| | | Microsoft windows 11 26h1 |
| | | Microsoft windows Server 2022 |
| | | Microsoft windows Server 2022, 23h2 Edition (server Core Installation) |
| | | Microsoft windows Server 2025 (server Core Installation) |
| Vendors & Products | | Microsoft windows 11 24h2 |
| | | Microsoft windows 11 25h2 |
| | | Microsoft windows 11 26h1 |
| | | Microsoft windows Server 2022 |
| | | Microsoft windows Server 2022, 23h2 Edition (server Core Installation) |
| | | Microsoft windows Server 2025 (server Core Installation) |

Wed, 15 Apr 2026 10:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |

Tue, 14 Apr 2026 17:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally. |
| Title | | Windows Print Spooler Elevation of Privilege Vulnerability |
| First Time appeared | | Microsoft |
| | | Microsoft windows 11 24h2 |
| | | Microsoft windows 11 25h2 |
| | | Microsoft windows 11 26h1 |
| | | Microsoft windows Server 2025 |
| | | Microsoft windows Server 23h2 |
| Weaknesses | | CWE-416 |
| CPEs | | cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:* |
| | | cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:* |
| | | cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:* |
| | | cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:* |
| | | cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:* |
| Vendors & Products | | Microsoft |
| | | Microsoft windows 11 24h2 |
| | | Microsoft windows 11 25h2 |
| | | Microsoft windows 11 26h1 |
| | | Microsoft windows Server 2025 |
| | | Microsoft windows Server 23h2 |
| References | | |
| Metrics | | cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'} |

MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-30T14:42:34.181Z

Reserved: 2026-03-17T20:15:23.719Z

Link: CVE-2026-33101

Vulnrichment

Updated: 2026-04-15T09:07:49.518Z

NVD

Status: Analyzed

Published: 2026-04-14T18:17:32.797

Modified: 2026-04-17T19:22:06.243

Link: CVE-2026-33101

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-15T15:15:06Z

Weaknesses