Vulnerability Report

CVE-2026-50656

Title: Elevation of Privilege in Microsoft Defender

Other

Proof Of Concept

PoC Available for CVE-2026-50656

CWE Category CWE-59

Published Date Jun 16, 2026

Modified Date Jun 17, 2026

Exploit Status Available

Score 7.8 CVSS v3.1

Exploit Probability (EPSS)

0.34%

Vulnerability Summary

CVE-2026-50656: Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.

Impacted Vendors

microsoft 1

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50656

CVSS v3.1

Source Entity [email protected]

Severity HIGH

7.8

Attack Vector

LOCAL

Complexity

LOW

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v3.1

Source Entity [email protected]

Severity HIGH

7.0

Attack Vector

LOCAL

Complexity

HIGH

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2026-50656 Exploits & PoCs (Proof Of Concept)

GitHub https://github.com/0xBlackash/CVE-2026-50656

View Code

June 17, 2026 MODIFIED

Vulnerability data updated via NVD.

June 16, 2026 MODIFIED

Vulnerability data updated via NVD.

June 16, 2026 MODIFIED

Vulnerability data updated via NVD.

Attack Vector Matrix

Access Vector LOCAL

Complexity LOW

Privileges N/A

Interaction NONE

CVSS Vector String


                                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Stack

No specific products linked.