CVE-2026-50413 is a Windows Runtime elevation of privilege vulnerability caused by a use-after-free issue. Microsoft rates it CVSS v3.1 8.8 (High) with a temporal score of 7.7; the vector is LOCAL, low attack complexity, low privileges required, no user interaction, and changed scope. Microsoft says it is not publicly disclosed and not known to be exploited, with exploit code maturity marked UNPROVEN. The FAQ states a successful attacker could elevate from Low Integrity Level in a contained/sandboxed execution environment to Medium Integrity Level. Because this is a local attack path, it is less relevant to internet-facing services than network-reachable vulnerabilities, but it is still a high-severity enterprise issue on systems where untrusted local code can run. Highlights: - CVSS scores: Base 8.8 - Temporal 7.7 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN - Impact: Elevation of Privilege; confidentiality, integrity, and availability impacts are HIGH - Exploitation likelihood: Exploitation Less Likely; LOCAL vector with LOW attack complexity, LOW privileges required, and NO user interaction - Severity for enterprise: High technical severity, but enterprise risk is mainly on endpoints and multi-user Windows systems where local code execution is possible; lower risk for network-exposed services because the attack is local-only - Patch status: available; customer action required Affected systems: - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2025