Description
Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally.
Published: 2026-06-09
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability in Windows Narrator Braille arises from an untrusted search path, permitting an attacker with authorized local access to gain elevated privileges. By manipulating the search order, the attacker can execute code with higher rights, potentially compromising the entire workstation. This flaw matches the CWE identifier for untrusted search path. No elevation of privileges beyond the local user context is described.

Affected Systems

Microsoft Windows Narrator Braille is the affected component. The impact applies to all versions of Windows Narrator Braille until the security update is applied; no specific version roll‑ups were disclosed in the advisory.

Risk and Exploitability

The CVSS score of 7.8 indicates a high severity. EPSS data is unavailable, so the current exploitation probability is unclear, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector requires an attacker to already have legitimate access to the target system, after which they can trigger the untrusted search path to obtain higher privileges.

Generated by OpenCVE AI on June 9, 2026 at 20:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and install the Microsoft security update that addresses CVE-2026-48565.
  • Restart the computer so the patch takes effect throughout the system.
  • If the update is not yet available for your OS version, disable Windows Narrator Braille or limit its use until the patch is released.

Generated by OpenCVE AI on June 9, 2026 at 20:11 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 10 Jun 2026 11:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally.
Title Windows Narrator Braille Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft windows Narrator Braille
Weaknesses CWE-426
CPEs cpe:2.3:a:microsoft:windows_narrator_braille:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows Narrator Braille
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Windows Narrator Braille
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-06-10T10:15:18.862Z

Reserved: 2026-05-21T20:00:35.245Z

Link: CVE-2026-48565

cve-icon Vulnrichment

Updated: 2026-06-10T10:15:14.199Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-09T17:17:45.043

Modified: 2026-06-09T19:32:51.440

Link: CVE-2026-48565

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-10T11:22:23Z

Weaknesses