CVE-2026-50487 is a Windows DNS Client use-after-free vulnerability that can lead to elevation of privilege to SYSTEM. Microsoft rates it as High severity with a CVSS v3.1 base score of 8.1 and temporal score of 7.1. The vector is network-based with high attack complexity, no privileges required, no user interaction, and unchanged scope, with high confidentiality, integrity, and availability impacts. Microsoft reports no public disclosure and no known exploitation, and exploit code maturity is unproven. Because it affects the Windows DNS Client on supported Windows desktop and server systems, it is relevant to enterprise environments, though the high attack complexity reduces exposure compared with lower-complexity network vulnerabilities. Highlights: - CVSS scores: Base 8.1 - Temporal 7.1 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN - Impact: Elevation of Privilege; confidentiality, integrity, and availability impacts are all HIGH - Exploitation likelihood: Exploitation Less Likely; network vector with HIGH attack complexity, NO privileges required, and NO user interaction - Severity for enterprise: High priority due to network reachability and SYSTEM-level privilege gain potential, but somewhat reduced by the HIGH attack complexity and lack of known exploitation - Patch status: available; customer action required Affected systems: - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2025