Skip to main content

Windows Active Directory EUVDEUVD-2026-44140

| CVE-2026-50682 HIGH
Out-of-bounds Read (CWE-125)
2026-07-14 microsoft GHSA-c9q6-72fq-24hj
7.1
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
7.1 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
vuln.today AI
7.1 HIGH

Network-reachable AD service, low complexity, but requires valid low-privileged credentials (PR:L); impact is primarily availability (A:H) with a minor OOB-read confidentiality leak (C:L) and no integrity effect.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (microsoft).

CVSS VectorVendor: microsoft

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jul 14, 2026 - 19:42 vuln.today
CVE Published
Jul 14, 2026 - 17:08 nvd
HIGH 7.1

DescriptionCVE.org

Out-of-bounds read in Windows Active Directory allows an authorized attacker to deny service over a network.

AnalysisAI

Denial of service in Windows Active Directory allows an authenticated network attacker to crash or degrade the directory service via an out-of-bounds read (CWE-125). The flaw affects Active Directory across Windows 10 (21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2022/2025 including Server Core; there is no public exploit identified at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privileged domain credentials
Delivery
Reach domain controller over network
Exploit
Send crafted AD request
Execution
Trigger out-of-bounds read in service
Impact
Crash Active Directory / deny authentication

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to already hold valid low-privileged domain credentials (CVSS PR:L - authenticated), and network reachability to the Active Directory service on a domain controller. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H (base 7.1) describes a low-complexity, network-reachable attack requiring only low privileges and no user interaction, with high availability impact and minor confidentiality impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained low-privileged domain credentials (for example a compromised standard user account) sends a specially crafted request over the network to a domain controller, triggering the out-of-bounds read and crashing or hanging the Active Directory service. With the DC unavailable, domain authentication and directory lookups fail across the environment. …
Remediation Patch available per vendor advisory - apply the Microsoft security update referenced at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50682 for each affected Windows and Windows Server build, prioritizing domain controllers first since they run the exposed Active Directory service. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, identify and inventory all Windows 10 (21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2022/2025 instances in your environment and prioritize domain controllers and critical AD infrastructure by business criticality. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-49798 CRITICAL POC
9.3 Jul 14

Local privilege escalation in the Microsoft Windows Kernel allows an unauthorized attacker to gain elevated (SYSTEM-leve

CVE-2026-50489 HIGH POC
8.8 Jul 14

Local privilege escalation in the Windows Win32K kernel subsystem (CWE-122 heap-based buffer overflow) lets an already-a

CVE-2026-49795 HIGH POC
8.8 Jul 14

Local privilege escalation in the Windows Kernel lets an already-authenticated attacker corrupt kernel memory via a use-

CVE-2026-54128 HIGH POC
8.4 Jul 14

Local code execution in the Windows DHCP Client service stems from a use-after-free (CWE-416) memory-corruption flaw aff

CVE-2026-54992 HIGH POC
8.4 Jul 14

Local code execution in the Microsoft Message Queuing (MSMQ) Queue Manager affects a broad range of Windows client and s

CVE-2026-50667 HIGH POC
7.8 Jul 14

Elevation of privilege in the Windows NTFS file-system driver lets an already-authenticated local user escalate to SYSTE

CVE-2026-50655 HIGH POC
7.8 Jul 14

Local code execution in the Windows Media component of supported Windows 10, Windows 11, and Windows Server (2016 throug

CVE-2026-50423 HIGH POC
7.8 Jul 14

Local privilege escalation in the Microsoft Windows Kernel allows an already-authenticated attacker to elevate to SYSTEM

CVE-2026-57092 CRITICAL
9.9 Jul 14

Elevation of privilege in the Windows Hyper-V virtual network switch (VMSwitch) lets an authenticated attacker operating

CVE-2026-56188 CRITICAL
9.8 Jul 14

Remote code execution in the Windows Server Network driver stems from a race condition (CWE-362) that lets an unauthoriz

CVE-2026-56190 CRITICAL
9.8 Jul 14

Remote code execution in Microsoft Windows Remote Desktop (RDP) allows an unauthorized network attacker to run arbitrary

CVE-2026-50447 CRITICAL
9.8 Jul 14

Remote code execution in Microsoft Windows Message Queuing (MSMQ) allows an unauthenticated attacker to run arbitrary co

Share

EUVD-2026-44140 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy