CVE-2026-50327 is a Windows Media heap-based buffer overflow vulnerability that can lead to remote code execution. Microsoft rates it at CVSS v3.1 7.8 (HIGH) with a temporal score of 6.8; the vector is local attack, low attack complexity, low privileges required, no user interaction, and unchanged scope. Microsoft lists no public disclosure and no known exploitation, with exploit code maturity unproven, but also says exploitation is more likely. Because the attack vector is local rather than network-based, enterprise risk is higher for systems where untrusted local code or users can run, not for remote internet exposure. Highlights: - CVSS scores: Base 7.8 - Temporal 6.8 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN. - Impact: Remote Code Execution with HIGH confidentiality, integrity, and availability impacts. - Exploitation likelihood: Exploitation More Likely; vector context is LOCAL, LOW attack complexity, LOW privileges required, and NO user interaction. - Severity for enterprise: High severity by CVSS, but real-world exposure is primarily local. Risk is more relevant on endpoints or shared Windows systems where a low-privileged local attacker could execute code. - Patch status: available Affected systems: - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2025