Improper access control in Windows System allows an unauthorized attacker to bypass a security feature locally.
History

Wed, 15 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 14 Jul 2026 17:45:00 +0000

Type Values Removed Values Added
Description Improper access control in Windows System allows an unauthorized attacker to bypass a security feature locally.
Title Windows System Secure Feature Bypass Vulnerability
First Time appeared Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2022
Microsoft windows Server 2025
Weaknesses CWE-284
CPEs cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2022
Microsoft windows Server 2025
References
Metrics cvssV3_1

{'score': 5.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C'}


cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2026-07-14T17:07:03.025Z

Updated: 2026-07-17T21:30:52.381Z

Reserved: 2026-06-04T18:56:53.259Z

Link: CVE-2026-50418

cve-icon Vulnrichment

Updated: 2026-07-15T13:35:14.550Z

cve-icon NVD

No data.

cve-icon Redhat

No data.