Jul 2026: .NET Framework Elevation of Privilege Vulnerability
CVE-2026-50650 Published on July 14, 2026

.NET Framework Elevation of Privilege Vulnerability
Improper control of generation of code ('code injection') in .NET Framework allows an unauthorized attacker to elevate privileges locally.

Vendor Advisory NVD

Weakness Type

What is a Code Injection Vulnerability?

The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

CVE-2026-50650 has been classified to as a Code Injection vulnerability or weakness.


Products Associated with CVE-2026-50650

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

 
 
 

Affected Versions

Microsoft .NET 8.0: Microsoft .NET 9.0: Microsoft .NET Framework 3.5: Microsoft .NET Framework 3.5 AND 4.7.2: Microsoft .NET Framework 3.5 AND 4.8: Microsoft .NET Framework 3.5 AND 4.8.1: Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2: Microsoft .NET Framework 4.8: Microsoft Visual Studio 2022 version 17.12: Microsoft Visual Studio 2022 version 17.14: Microsoft Visual Studio 2026 version 18.7: