Skip to main content

Windows Kernel EUVDEUVD-2026-44085

| CVE-2026-50459 HIGH
Use After Free (CWE-416)
2026-07-14 microsoft GHSA-pfwp-6ww7-h9wr
7.0
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
7.0 HIGH
AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
vuln.today AI
6.7 MEDIUM

Local kernel EoP realistically needs a standard-user foothold so PR:L; UAF race gives AC:H, UI:R per vendor, and successful exploitation yields full SYSTEM-level C/I/A.

3.1 AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
4.0 AV:L/AC:H/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (microsoft).

CVSS VectorVendor: microsoft

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jul 14, 2026 - 20:17 vuln.today
CVE Published
Jul 14, 2026 - 17:07 nvd
HIGH 7.0

DescriptionCVE.org

Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

AnalysisAI

Local privilege escalation in the Microsoft Windows Kernel arises from a use-after-free (CWE-416) memory-corruption flaw that lets an attacker running code on the machine gain higher privileges, potentially SYSTEM. It affects a broad range of current Windows client and server builds (Windows 10 21H2/22H2, Windows 11 24H2/25H2/26H1, Windows Server 2022/2025). …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain local low-privileged code execution
Delivery
Trigger use-after-free in kernel object
Exploit
Reclaim freed memory in race window
Execution
Corrupt kernel structures / token
Impact
Elevate to SYSTEM privileges

Vulnerability AssessmentAI

Exploitation Exploitation requires local access to the affected Windows host - the attacker must be able to execute code on the machine (AV:L), consistent with a standard-user or malware foothold seeking elevation. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H, base 7.0) describes a local-only vulnerability with high attack complexity requiring user interaction, but full high confidentiality, integrity, and availability impact once triggered - a classic elevation-of-privilege profile. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A low-privileged user (or malware already running under a standard account) executes a crafted program that triggers the use-after-free in the Windows Kernel, wins the timing window to reclaim the freed object, and corrupts kernel memory to elevate to SYSTEM. Given AC:H and UI:R, the attacker likely needs a specific interaction or repeated attempts to hit the race reliably, and no public exploit is identified at time of analysis.
Remediation Apply the Microsoft security update for CVE-2026-50459 - Patch available per vendor advisory - via the standard cumulative update for each affected SKU; consult https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50459 for the exact KB and fixed build for your Windows 10/11 or Windows Server version, as specific fixed version numbers are not enumerated in the provided data. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, execute an inventory query to identify all instances of Windows 10 (21H2/22H2), Windows 11 (24H2/25H2/26H1), Windows Server 2022, and Windows Server 2025 in your environment. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-49798 CRITICAL POC
9.3 Jul 14

Local privilege escalation in the Microsoft Windows Kernel allows an unauthorized attacker to gain elevated (SYSTEM-leve

CVE-2026-50489 HIGH POC
8.8 Jul 14

Local privilege escalation in the Windows Win32K kernel subsystem (CWE-122 heap-based buffer overflow) lets an already-a

CVE-2026-49795 HIGH POC
8.8 Jul 14

Local privilege escalation in the Windows Kernel lets an already-authenticated attacker corrupt kernel memory via a use-

CVE-2026-54128 HIGH POC
8.4 Jul 14

Local code execution in the Windows DHCP Client service stems from a use-after-free (CWE-416) memory-corruption flaw aff

CVE-2026-54992 HIGH POC
8.4 Jul 14

Local code execution in the Microsoft Message Queuing (MSMQ) Queue Manager affects a broad range of Windows client and s

CVE-2026-50667 HIGH POC
7.8 Jul 14

Elevation of privilege in the Windows NTFS file-system driver lets an already-authenticated local user escalate to SYSTE

CVE-2026-50655 HIGH POC
7.8 Jul 14

Local code execution in the Windows Media component of supported Windows 10, Windows 11, and Windows Server (2016 throug

CVE-2026-50423 HIGH POC
7.8 Jul 14

Local privilege escalation in the Microsoft Windows Kernel allows an already-authenticated attacker to elevate to SYSTEM

CVE-2026-57092 CRITICAL
9.9 Jul 14

Elevation of privilege in the Windows Hyper-V virtual network switch (VMSwitch) lets an authenticated attacker operating

CVE-2026-56188 CRITICAL
9.8 Jul 14

Remote code execution in the Windows Server Network driver stems from a race condition (CWE-362) that lets an unauthoriz

CVE-2026-56190 CRITICAL
9.8 Jul 14

Remote code execution in Microsoft Windows Remote Desktop (RDP) allows an unauthorized network attacker to run arbitrary

CVE-2026-50447 CRITICAL
9.8 Jul 14

Remote code execution in Microsoft Windows Message Queuing (MSMQ) allows an unauthenticated attacker to run arbitrary co

Share

EUVD-2026-44085 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy