Description
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Published: 2026-06-09
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use-after-free flaw exists in the Windows Desktop Window Manager Core Library that an attacker with local account privileges can exploit to execute code with elevated rights. The vulnerability allows a trusted user to trigger memory corruption during a deallocation event, potentially leading to unauthorized access to protected resources or system controls.

Affected Systems

The affected product is Microsoft Windows 11 version 26H1 running on x64 architecture. Only systems that include the unpatched DWM core component are vulnerable; no other Windows releases are explicitly listed in the CNA data.

Risk and Exploitability

The CVSS base score of 7.8 indicates a high-impact vulnerability. The EPSS score is not available, and the issue is not presently listed in the CISA KEV catalog, suggesting that widespread exploitation has not been confirmed. The exploit requires a local user context and direct interaction with the DWM core library; no remote attack vector is documented. Consequently, the risk is significant for systems that allow local users to run arbitrary applications in an elevated context.

Generated by OpenCVE AI on June 9, 2026 at 18:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for and install the latest Windows 11 26H1 cumulative update that addresses CVE-2026-44808
  • Configure the system to automatically install security updates via Windows Update or WSUS to ensure timely delivery of the fix
  • Restrict local administrator privileges and enforce the principle of least privilege to reduce the potential impact of a local privilege escalation attempt



Advisories

No advisories yet.

History

Wed, 10 Jun 2026 11:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Wed, 10 Jun 2026 11:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Microsoft windows 11 26h1 |
| Vendors & Products | | Microsoft windows 11 26h1 |

Tue, 09 Jun 2026 17:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Title | | Windows DWM Core Library Elevation of Privilege Vulnerability |
| First Time appeared | | Microsoft, Microsoft windows 11 26h1 |
| Weaknesses | | CWE-122, CWE-125 |
| CPEs | | cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:* |
| Vendors & Products | | Microsoft, Microsoft windows 11 26h1 |
| References | | |
| Metrics | | cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'} |


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-06-10T10:10:40.726Z

Reserved: 2026-05-07T20:07:18.271Z

Link: CVE-2026-44808

Vulnrichment

Updated: 2026-06-10T10:10:36.144Z

NVD

Status: Awaiting Analysis

Published: 2026-06-09T17:17:16.753

Modified: 2026-06-09T19:32:51.440

Link: CVE-2026-44808

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-10T11:00:14Z

Weaknesses