Elevation of Privilege Vulnerability in Desktop Window Manager by Microsoft
CVE-2026-58634

7.8HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
14 July 2026

What is CVE-2026-58634?

A use after free vulnerability in the Desktop Window Manager allows an authorized attacker to potentially elevate their privileges locally. This security flaw can be exploited under certain conditions, enabling the attacker to gain higher-level access to system resources or operations that would typically require elevated privileges. Users are encouraged to apply the latest patches and updates to safeguard their systems against such vulnerabilities.

Affected Version(s)

Windows 11 version 26H1 ARM64-based Systems 10.0.28000.0 < 10.0.28000.2525

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.