CVE-2026-50656

Microsoft Defender Elevation of Privilege Vulnerability

CVSS 7.8 HIGHEPSS 3.4%CWE-59

Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C

Affected products

Microsoft · Microsoft Malware Protection Engine

public PoCs found — 2

githubgithub.com/0xBlackash/CVE-2026-50656★ 3 cve_referencegithub.com/MSNightmare/RoguePlanetunverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/MSNightmare/RoguePlanet https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50656