What the vulnerability does
01Description
Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally.
CVE-2026-49161
HIGH
CVE-2026-49161: Microsoft PC Manager Security Feature Bypass Vulnerability
CVSS base score
7.8/10
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Key dates
02Disclosure timeline
June 9, 2026
CVE published
June 15, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2019-25060 WP-GraphQL < 0.3.5 - Improper Access Control
CVE-2023-43089
CVE-2025-48734 Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
CVE-2021-1467 Cisco Webex Meetings for Android Avatar Modification Vulnerability
CVE-2024-23675 Splunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion
