{
  "title": "Microsoft Defender CVE-2026-41091: KEV Engine EoP Exposure",
  "summary": "CISA added Microsoft Defender CVE-2026-41091 to KEV on 2026-05-20. MSRC marks exploitation detected and gives the exact fixed Malware Protection Engine version 1.1.26040.8.",
  "date": "2026-05-26",
  "severity": "high",
  "tags": [
    "microsoft-defender",
    "cisa-kev",
    "vulnerability-response",
    "windows",
    "privilege-escalation"
  ],
  "sources_count": 3,
  "indicators": {
    "slug": "microsoft-defender-cve-2026-41091-kev",
    "since": "2026-05-26T00:00:00Z",
    "until": "2026-05-26T23:59:59Z",
    "ecosystem": "",
    "cves": [
      "CVE-2026-41091"
    ],
    "cwes": [
      "CWE-59"
    ],
    "advisoryIds": [],
    "products": [
      "Microsoft Defender Malware Protection Engine"
    ],
    "packages": [],
    "versions": [],
    "affectedVersions": [
      "1.1.26030.3008 <= engine < 1.1.26040.8"
    ],
    "fixedVersions": [
      "1.1.26040.8"
    ],
    "files": [],
    "paths": [],
    "services": [],
    "domains": [],
    "urls": [],
    "ips": [],
    "hashes": [],
    "processPatterns": [],
    "networkPatterns": [],
    "telemetrySelectors": [
      "EventID 4688",
      "EventID 4698",
      "EventID 4732",
      "EventID 7045"
    ]
  }
}