CVE-2026-44811

Summary

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWindows 11 version 26H110.0.28000.0 < 10.0.28000.2269affected

Weaknesses

  • CWE-122: CWE-122: Heap-based Buffer Overflow
  • CWE-20: CWE-20: Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References