ThreatCluster

Multiple CVEs Affect Windows Drivers with Race Condition Vulnerabilities

First seen 12 May 2026, 17:20 UTC Api.Msrc.Microsoft 72% similarity 58

Article Content

Browse articles
ThreatCluster

Two critical vulnerabilities have been identified in Windows drivers, both published on May 12, 2026. CVE-2026-32161 affects the Windows Native WiFi Miniport Driver, allowing unauthorized attackers to execute code over adjacent networks. CVE-2026-34345 impacts the Windows Ancillary Function Driver for WinSock, enabling authorized attackers to elevate privileges locally. Both vulnerabilities arise from improper synchronization in concurrent execution using shared resources, known as race conditions. The scope of impact includes systems running affected versions of Windows. Immediate action is recommended to mitigate potential exploitation. No active exploitation has been reported as of the publication date. Users are advised to monitor for updates and apply patches as they become available.

Key Points: • CVE-2026-32161 allows unauthorized code execution via WiFi Miniport Driver. • CVE-2026-34345 enables local privilege escalation through Ancillary Function Driver. • Both vulnerabilities stem from race conditions in Windows drivers.

ThreatCluster AI

Timeline

2026-05-12
CVE-2026-32161 published
A race condition in Windows Native WiFi Miniport Driver allows unauthorized code execution over adjacent networks.
Api.Msrc.Microsoft
2026-05-12
CVE-2026-34345 published
A race condition in Windows Ancillary Function Driver for WinSock allows local privilege escalation for authorized attackers.
Api.Msrc.Microsoft

Community

Browse all →