A vulnerability has been found in Microsoft Windows up to Server 2025 and classified as problematic. Affected is an unknown function of the component StateRepository API. Performing a manipulation results in improper access controls.
This vulnerability is known as CVE-2026-49170. Attacking locally is a requirement. No exploit is available.