Description
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Published: 2026-06-09
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability is a use‑after‑free flaw in the Windows Desktop Window Manager (DWM) core library. If an attacker can read a freed memory location, the system may be forced to execute code with the privileges of the user. The affected code path allows an authorized local user to gain higher privileges on the same machine, potentially giving them full control of the system. The weakness is identified as CWE‑416.

Affected Systems

Microsoft Windows 11 26H1, 64‑bit editions, as specified by the CNA vendor/product list and detailed in the affected‑version data.

Risk and Exploitability

The CVSS score of 7.8 classifies the flaw as high severity. No EPSS score is available, so the likelihood of exploitation cannot be quantified from the data provided. The flaw is not listed in the CISA KEV catalog. Based on the description, it is inferred that the attacker must be a local user able to trigger the use‑after‑free condition; network‑based exploitation is unlikely.

Generated by OpenCVE AI on June 9, 2026 at 18:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Windows 11 update that contains the fix for CVE‑2026‑44804.
  • If a patch cannot be applied immediately, limit the privileges of local applications that interact with the DWM core and isolate sensitive processes.
  • Continuously monitor system logs for anomalous privilege escalation events and keep Windows updated as new patches become available.


Advisories

No advisories yet.

History

Tue, 09 Jun 2026 20:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | Microsoft windows 11 26h1 |
| Vendors & Products | | Microsoft windows 11 26h1 |

Tue, 09 Jun 2026 17:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Title | | Windows DWM Core Library Elevation of Privilege Vulnerability |
| First Time appeared | | Microsoft; Microsoft windows 11 26h1 |
| Weaknesses | | CWE-416 |
| CPEs | | cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:* |
| Vendors & Products | | Microsoft; Microsoft windows 11 26h1 |
| References | | |
| Metrics | | cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'} |


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-06-09T21:51:40.444Z

Reserved: 2026-05-07T20:07:18.270Z

Link: CVE-2026-44804

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-06-09T17:17:16.350

Modified: 2026-06-09T19:32:51.440

Link: CVE-2026-44804

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T20:00:16Z

Weaknesses