CVE-2025-26684

External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.

• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26684
  Vendor Advisory