CVE-2026-50427 is a Windows Content Delivery Manager use-after-free vulnerability that can lead to elevation of privilege. Microsoft rates it at CVSS v3.1 base 7.8 (High) with a temporal score of 6.8. The attack vector is local, with low attack complexity, low privileges required, and no user interaction. Exploit status is not public and not known to be exploited, and Microsoft indicates exploitation is unlikely. Because this is a local privilege escalation issue rather than a network-exposed flaw, enterprise risk is mainly for systems where untrusted local code or users are present. Highlights: - CVSS scores: Base 7.8 - Temporal 6.8 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN. - Impact: Elevation of Privilege; confidentiality, integrity, and availability impacts are all HIGH. - Exploitation likelihood: Exploitation Unlikely; vector is LOCAL with LOW attack complexity, LOW privileges required, and NO user interaction. - Severity for enterprise: High technical severity, but lower exposure-driven risk than network-based issues because exploitation requires local access; higher concern on shared, multi-user, or untrusted local-code environments. - Patch status: available; customer action required. Affected systems: - Windows 10 1809 - Windows 10 21H2 - Windows 10 22H2 - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2019 - Windows Server 2025