Jul 2026: .NET Framework Elevation of Privilege Vulnerability
CVE-2026-50650 Published on July 14, 2026
.NET Framework Elevation of Privilege Vulnerability
Improper control of generation of code ('code injection') in .NET Framework allows an unauthorized attacker to elevate privileges locally.
Weakness Type
What is a Code Injection Vulnerability?
The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
CVE-2026-50650 has been classified to as a Code Injection vulnerability or weakness.
Products Associated with CVE-2026-50650
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft .NET 8.0:- Version 8.0.0 and below 8.0.29 is affected.
- Version 9.0.0 and below 9.0.18 is affected.
- Version 3.5.0 and below 2.0.50727.8983 & 3.0.30729.8978 is affected.
- Version 4.7.0 and below 2.0.50727.9069 & 3.0.30729.9067 & 4.7.4143.0 is affected.
- Version 4.8.0 and below 2.0.50727.9069 & 3.0.30729.9067 & 4.8.4803.0 is affected.
- Version 4.8.1 and below 2.0.50727.9182 & 3.0.30729.9168 & 4.8.9339.0 is affected.
- Version 4.7.0 and below 4.7.4143.0 is affected.
- Version 4.8.0 and below 4.8.4803.0 is affected.
- Version 17.12.0 and below 17.12.22 is affected.
- Version 17.14.0 and below 17.14.36 is affected.
- Version 18.0 and below 18.7.4 is affected.