www.securityweek.com 7/9/2026, 11:09:18 AM · external

Microsoft patches privilege escalation flaw CVE-2026-50

Microsoft patches privilege escalation flaw CVE-2026-50
CyberSIXT Evidence Panel
Primary Source msrc.microsoft.com
CVE Intel
CISA KEV Not in KEV
Patch Patch Available

MICROSOFT has released patches for a vulnerability in its Defender software called RoguePlanet, which was first publicly exploited by a researcher known as Nightmare Eclipse. This vulnerability, tracked as CVE-2026-50656, allows privilege escalation due to a race condition. The patches were provided through an automatic update via the Microsoft Malware Protection Engine.

Although no reports of exploitation were documented for RoguePlanet, the same researcher has uncovered additional vulnerabilities in Defender relating to memory leaks and quarantined files. Previous vulnerabilities disclosed by Nightmare Eclipse have been exploited in the wild.

View Primary Source Via www.securityweek.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline