CVE-2026-58634 - Desktop Window Manager Elevation of Privilege Vulnerability is a use-after-free vulnerability in Windows 11 26H1 that can allow elevation of privilege to SYSTEM assigned integrity level. Microsoft rates it as CVSS v3.1 7.8 (High) with a temporal score of 6.8; the vector is LOCAL, LOW attack complexity, LOW privileges required, and no user interaction. Microsoft reports no public disclosure and no known exploitation, with exploit code maturity UNPROVEN. Because the issue is local rather than network-exploitable, enterprise risk is concentrated on systems where attackers already have local access. Highlights: - CVSS scores: Base 7.8 - Temporal 6.8 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN. - Impact: Elevation of Privilege; confidentiality, integrity, and availability impacts are all HIGH. - Exploitation likelihood: Exploitation Less Likely; LOCAL attack vector with LOW attack complexity, LOW privileges required, and no user interaction. - Severity for enterprise: High severity if a local attacker can reach the vulnerable component, but lower exposure than network-reachable vulnerabilities because exploitation requires local access. - Patch status: available Affected systems: - Windows 11 26H1, unspecified