Home
HIGH: 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10.0.26100.0 (custom) before 10.0.26100.8875
affected
10.0.26200.0 (custom) before 10.0.26200.8875
affected
10.0.28000.0 (custom) before 10.0.28000.2525
affected
Description
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.
Problem types
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Product status
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50677 (Windows Media Elevation of Privilege Vulnerability)