{"dataType": "CVE_RECORD", "containers": {"cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2012", "versions": [{"status": "affected", "version": "6.3.9600"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2016", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2019", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2022", "versions": [{"status": "affected", "version": "10.0.20348.0", "lessThan": "10.0.20348.5020", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2022_23h2", "versions": [{"status": "affected", "version": "10.0.25398.0", "lessThan": "10.0.25398.2274", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "windows_server_2025", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33826", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-20", "description": "CWE-20"}]}], "x_remediations": {"windows": [{"type": "update", "anyOf": ["KB5082060", "KB5091571"], "products": ["Windows Server 2022, 23H2 Edition (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5082063", "KB5091157"], "products": ["Windows Server 2025", "Windows Server 2025 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5082123", "KB5091573"], "products": ["Windows Server 2019", "Windows Server 2019 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5082126"], "products": ["Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5082142", "KB5091575"], "products": ["Windows Server 2022", "Windows Server 2022 (Server Core installation)"]}, {"type": "update", "anyOf": ["KB5082198", "KB5091572"], "products": ["Windows Server 2016", "Windows Server 2016 (Server Core installation)"]}]}, "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000003", "shortName": "nvd", "dateUpdated": "2026-04-14T18:17:35Z", "x_subShortName": "nvd"}}}, "cveMetadata": {"cveId": "CVE-2026-33826", "state": "PUBLISHED", "dateUpdated": "2026-04-17T19:19:51Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-04-14T18:17:35Z", "assignerShortName": "microsoft"}, "dataVersion": "5.0"}