CVE-2026-50441
Untrusted pointer dereference in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.
CVSS
7.8
High
EPSS
0.2%
p16
KEV
—
Exploit Today
5
0-100
Published: Jul 14, 2026 · Last modified: Jul 15, 2026 · CWE-822
0.2%EPSS · 30 days0.2%
2026-07-152026-07-19
Untrusted pointer dereference in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-504247.5 HIG53.6%
——16Untrusted pointer dereference in Windows Domain Controller allows an unauthorized attacker to deny service over a network.5dCVE-2026-585968.3 HIG36.5%
——11Untrusted pointer dereference in Microsoft Edge (Chromium-based) allows an unauthorized attacker to elevate privileges over a network.6dCVE-2026-485805.5 MED36.2%
——11Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.4dCVE-2026-456457.8 HIG29.4%
——9Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.11dCVE-2026-551385.5 MED26.7%
——8Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.4dCVE-2026-504797.8 HIG23.9%
——7Untrusted pointer dereference in Windows USB Hub Driver allows an authorized attacker to elevate privileges locally.3d