Elevation of Privilege Vulnerability in Windows DWM Core Library
CVE-2026-44807

7.8HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
9 June 2026

What is CVE-2026-44807?

A use after free vulnerability in the Windows DWM Core Library presents an opportunity for an authorized attacker to elevate their local privileges. This vulnerability allows malicious actors to execute arbitrary code with elevated rights, potentially compromising system integrity and security. Keeping your Windows systems updated with the latest security patches is crucial to mitigating this risk.

Affected Version(s)

Windows 11 version 26H1 ARM64-based Systems 10.0.28000.0 < 10.0.28000.2269

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.