CVE-2026-49166 is a Windows Print Configuration elevation of privilege vulnerability caused by a use-after-free condition. Microsoft rates it High severity with a CVSS v3.1 base score of 7.8 and temporal score of 6.8. The vector is local-only (AV:L), requires low privileges and no user interaction, and has high confidentiality, integrity, and availability impact. Microsoft says exploitation is not publicly disclosed and has not been exploited, with code maturity unproven. Because the attack is local rather than network-based, enterprise risk is mainly for systems where untrusted local users or code can run. Highlights: - CVSS scores: Base 7.8 - Temporal 6.8 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN. - Impact: Elevation of Privilege; confidentiality, integrity, and availability impacts are all HIGH. Microsoft states a successful attacker could gain SYSTEM privileges. - Exploitation likelihood: Exploitation Less Likely; local vector (AV:L), LOW attack complexity, LOW privileges required, and NO user interaction. - Severity for enterprise: High technical severity, but lower exposure than network-reachable issues because exploitation requires local access. Risk is most relevant on shared Windows systems or environments where untrusted local code/users are present. - Patch status: available; customer action required. Affected systems: - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2025