CVE-2026-50357 is a Windows Resilient File System (ReFS) Elevation of Privilege vulnerability described as a numeric truncation error. Microsoft rates it CVSS v3.1 7.8 (High) with a temporal score of 6.8. The attack vector is LOCAL, attack complexity is LOW, privileges required are LOW, and user interaction is NONE. If exploited, it can impact confidentiality, integrity, and availability at HIGH levels. Microsoft reports no public disclosure and no known exploitation, with exploit code maturity UNPROVEN and exploitation likelihood marked as Exploitation Unlikely. Because it is local-only, enterprise risk is mainly to systems where an attacker can already obtain local access or low privileges, rather than to network-exposed services. Highlights: - CVSS scores: Base 7.8 - Temporal 6.8 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN. - Impact: Elevation of Privilege with HIGH confidentiality, integrity, and availability impacts. - Exploitation likelihood: Exploitation Unlikely; vector context is LOCAL, LOW attack complexity, LOW privileges required, and NO user interaction. - Severity for enterprise: High-severity local privilege escalation affecting Windows ReFS; lower risk to internet-facing services than network-based vulnerabilities, but still relevant on systems where untrusted local code or users are present. - Patch status: available; customer action required. Affected systems: - Windows 10 1607 - Windows 10 1809 - Windows 10 21H2 - Windows 10 22H2 - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2016 - Windows Server 2019 - Windows Server 2022 - Windows Server 2025