CVE-2026-49798
Received Received - Intake

Use After Free in Windows Kernel Allows Local Privilege Escalation

Vulnerability report for CVE-2026-49798, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-14

Last updated on: 2026-07-14

Assigner: Microsoft Corporation

Description

Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-14
Last Modified
2026-07-14
Generated
2026-07-14
AI Q&A
2026-07-14
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
microsoft windows_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-416 The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-49798 is a use-after-free vulnerability in the Windows Kernel. This type of vulnerability occurs when a program continues to use memory after it has been freed, which can lead to unexpected behavior or exploitation.

In this case, an unauthorized attacker can exploit this flaw locally to elevate their privileges on the affected system. This means the attacker could gain higher-level permissions, such as administrative access, even if they initially had limited or no privileges.

Impact Analysis

This vulnerability can have serious impacts if exploited:

  • An attacker with local access to your system could gain elevated privileges, allowing them to take full control of the affected machine.
  • With elevated privileges, the attacker could install malicious software, steal sensitive data, or disrupt system operations.
  • The vulnerability does not require user interaction, meaning it could be exploited silently once the attacker has local access.

The CVSS base score of 9.3 (Critical) indicates a high severity, emphasizing the potential risk to affected systems.

Compliance Impact

This vulnerability could impact compliance with several standards and regulations, depending on the context of the affected system:

  • GDPR: If the affected system processes or stores personal data of EU citizens, a successful exploit could lead to unauthorized access or exfiltration of this data. This may result in a data breach, triggering GDPR's reporting requirements and potential fines for failing to protect personal data.
  • HIPAA: For systems handling protected health information (PHI), this vulnerability could allow an attacker to access or modify sensitive patient data. This would constitute a breach under HIPAA, requiring notification and potentially leading to penalties for non-compliance.
  • Other standards (e.g., ISO 27001, NIST): The vulnerability represents a failure to maintain secure system configurations and could indicate gaps in access control or vulnerability management processes, which are critical requirements under these frameworks.

Organizations should assess whether this vulnerability affects systems in scope for these regulations and take appropriate remediation steps to maintain compliance.

Mitigation Strategies

Apply the security update provided by Microsoft for CVE-2026-49798. The update addresses the use after free vulnerability in the Windows Kernel.

  • Visit the Microsoft Security Response Center (MSRC) update guide for CVE-2026-49798 to download and install the patch.
  • Ensure all Windows systems are updated to the latest version to prevent local privilege escalation attacks.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-49798. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart