216.73.216.133

CVE-2026-54424

· Published 04/07/2026 03:16 · Author: The MITRE Corporation

Labels: CVE-2026-54424

Essential information

Published
04/07/2026 03:16
Modified
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
8.4 HIGH (v3.1)
CISA KEV
No
CWE
CWE-648
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance of parsecd.exe running as NT AUTHORITY\SYSTEM with a user-controlled value of the AppData environment variable.

NVD status

NVD
View on NVD