Description
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Published: 2026-06-09
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use‑after‑free flaw in the Windows Desktop Window Manager core library allows an authorized local attacker to gain privileges above those of the affected user. The vulnerability can be triggered by OOB actions that manipulate memory after it has been freed, potentially enabling code execution or elevation of privileges on the same system. The weakness is a classic use‑after‑free; depending on the kernel exploits used, the attacker could use it to execute arbitrary code in kernel or user mode.

Affected Systems

The flaw is limited to Microsoft Windows 11 version 26H1 on x64 systems. No other Microsoft operating system versions or other vendors are listed in the CNA affected‑product set.

Risk and Exploitability

The CVSS score of 7.8 indicates a high-severity local privilege escalation. EPSS information is not available, and the vulnerability is not listed in CISA’s KEV catalog. The attack vector is likely local; an attacker must already be able to run code on the target machine. Once the exploit has run, the attacker can obtain elevated privileges and bypass user restrictions, potentially leading to uncontrolled system modification.

Generated by OpenCVE AI on June 9, 2026 at 18:54 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Monitor Microsoft Security Response Center for an update that addresses CVE-2026-44813.
  • Install any received Windows update that includes the fix for the DWM core library use‑after‑free flaw.
  • Apply least privilege principles to all local accounts, limiting their ability to execute code that could exploit this vulnerability.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 20:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Microsoft windows 11 26h1
Vendors & Products | | Microsoft windows 11 26h1

Tue, 09 Jun 2026 18:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 17:15:00 +0000

Type | Values Removed | Values Added
Description | | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Title | | Windows DWM Core Library Elevation of Privilege Vulnerability
First Time appeared | | Microsoft; Microsoft windows 11 26h1
Weaknesses | | CWE-416
CPEs | | cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*
Vendors & Products | | Microsoft; Microsoft windows 11 26h1
References | |
Metrics | | cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-06-09T21:51:39.862Z

Reserved: 2026-05-07T20:07:18.271Z

Link: CVE-2026-44813

Vulnrichment

Updated: 2026-06-09T17:24:56.709Z

NVD

Status: Awaiting Analysis

Published: 2026-06-09T17:17:17.460

Modified: 2026-06-09T19:32:51.440

Link: CVE-2026-44813

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T20:15:06Z

Weaknesses