CVE-2026-58626 is a Windows Remote Desktop Services remote code execution vulnerability caused by a use-after-free issue. Microsoft rates it HIGH with a CVSS v3.1 base score of 8.8 and temporal score of 7.7. The attack vector is NETWORK, attack complexity is LOW, privileges required are LOW, and user interaction is NONE. Microsoft lists the exploit status as not publicly disclosed, not exploited, and exploitation unlikely. Because it affects an authenticated RDP path and can lead to remote code execution on Windows systems, it is relevant for enterprise environments where Remote Desktop Services are exposed or used by authenticated users. Highlights: - CVSS scores: Base 8.8 - Temporal 7.7 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN. - Impact: Remote Code Execution with HIGH confidentiality, integrity, and availability impacts. - Exploitation likelihood: Exploitation Unlikely; network vector, LOW attack complexity, LOW privileges required, and NO user interaction reduce exposure, but authenticated RDP access is still required. - Severity for enterprise: High severity. Network-based RDP exposure and code execution impact make this important for enterprise systems, especially where authenticated remote desktop access is permitted. - Patch status: available Affected systems: - Windows 10 21H2 - Windows 10 22H2 - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2022 - Windows Server 2025