CVE-2026-49808 is a Windows Kernel elevation of privilege vulnerability caused by a race condition / improper synchronization. Microsoft says a successful attacker could gain SYSTEM privileges. The CVSS v3.1 base score is 7.8 (High) with a temporal score of 6.8; the vector is local, requires low privileges, no user interaction, and has changed scope. Microsoft does not report public disclosure or active exploitation, and exploit code maturity is unproven. Because this is local-only and requires an existing low-privilege foothold, it is more relevant to internal systems where untrusted local code or users may be present than to externally exposed services. Highlights: - CVSS scores: Base 7.8 - Temporal 6.8 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN - Impact: Elevation of Privilege; confidentiality, integrity, and availability impacts are all HIGH; successful exploitation can lead to SYSTEM privileges. - Exploitation likelihood: Exploitation Less Likely; local attack vector with HIGH attack complexity, LOW privileges required, and NO user interaction. - Severity for enterprise: High technical severity, but enterprise exposure is lower than network-reachable vulnerabilities because exploitation requires local access and an existing low-privilege context. - Patch status: available; customer action required Affected systems: - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2025