CVE-2026-50469 is a Windows Projected File System elevation of privilege vulnerability caused by improper link resolution before file access (“link following”). Microsoft assigns it CVSS v3.1 base score 7.8 (High) with a temporal score of 6.8. The vector is local, with low attack complexity, low privileges required, and no user interaction. If successfully exploited, it can give an attacker the ability to delete any system files, with high confidentiality, integrity, and availability impact. Microsoft reports no public disclosure, no known exploitation, and exploit code maturity is unproven; exploitation likelihood is listed as unlikely. Because the attack is local rather than network-based, the enterprise risk is primarily to systems where attackers can obtain local execution or user access. Highlights: - CVSS scores: Base 7.8 - Temporal 6.8 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN. - Impact: Elevation of Privilege; CIA impacts are HIGH / HIGH / HIGH. - Exploitation likelihood: Exploitation Unlikely; vector is LOCAL with LOW attack complexity, LOW privileges required, and NO user interaction. - Severity for enterprise: High severity by CVSS, but lower exposure than remote vulnerabilities because exploitation is local-only; risk is most relevant where untrusted local users, local code execution, or shared Windows environments exist. - Patch status: available; customer action is required. Affected systems: - Windows 10 1809 - Windows 10 21H2 - Windows 10 22H2 - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2019 - Windows Server 2022 - Windows Server 2025