CVE-2026-50370 is a Windows DHCP Server Service remote code execution vulnerability caused by a heap-based buffer overflow. It has a CVSS v3.1 base score of 8.8 and temporal score of 7.7, with adjacent network attack vector, low attack complexity, no privileges required, and no user interaction. The impact is high for confidentiality, integrity, and availability. Microsoft says it is not publicly disclosed and not known to be exploited, but exploitation is rated more likely. Because the affected service is a DHCP server, enterprise risk is higher where DHCP services are exposed on reachable internal network segments. Highlights: - CVSS scores: Base 8.8 - Temporal 7.7 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN - Impact: Remote Code Execution with HIGH confidentiality, integrity, and availability impacts - Exploitation likelihood: Exploitation More Likely; adjacent network vector, LOW attack complexity, NO privileges required, and NO user interaction - Severity for enterprise: High. The attack is network-adjacent rather than local, with no authentication or user interaction required, which increases risk for enterprise DHCP server deployments on trusted internal networks - Patch status: available; customer action required Affected systems: - Windows 10 1607 - Windows 10 1809 - Windows Server 2012 - Windows Server 2012 R2 - Windows Server 2016 - Windows Server 2019 - Windows Server 2022 - Windows Server 2025