CVE-2026-49795 is a Windows Kernel Elevation of Privilege vulnerability caused by a use-after-free issue. Microsoft rates it as High severity with a CVSS v3.1 base score of 8.8 and temporal score of 7.7. The vector is local access only (AV:L), low attack complexity, low privileges required, no user interaction, and changed scope, with high confidentiality, integrity, and availability impact. Microsoft says no public disclosure and no known exploitation, but the exploitation likelihood is marked “Exploitation More Likely.” Because this is a local elevation-of-privilege issue, enterprise risk is highest where attackers can obtain local code execution or low-privilege access on affected Windows systems. Highlights: - CVSS scores: Base 8.8 - Temporal 7.7 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN. - Impact: Elevation of Privilege; confidentiality, integrity, and availability impacts are all HIGH. - Exploitation likelihood: Exploitation More Likely; local vector, LOW attack complexity, LOW privileges required, and no user interaction. - Severity for enterprise: High. The local-only attack vector lowers exposure for internet-facing services, but successful local exploitation can lead to SYSTEM privileges on affected hosts. - Patch status: available; customer action required. Affected systems: - Windows 10 1809 - Windows 10 21H2 - Windows 10 22H2 - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2019 - Windows Server 2022 - Windows Server 2025