Jun 2026: Microsoft Defender Elevation of Privilege Vulnerability
CVE-2026-50656 Published on June 16, 2026

Microsoft Defender Elevation of Privilege Vulnerability
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ".

Vendor Advisory NVD

Weakness Type

What is an insecure temporary file Vulnerability?

The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVE-2026-50656 has been classified to as an insecure temporary file vulnerability or weakness.


Products Associated with CVE-2026-50656

Want to know whenever a new CVE is published for Microsoft Malware Protection Engine? stack.watch will email you.

 

Affected Versions

Microsoft Malware Protection Engine:

Exploit Probability

EPSS
0.34%
Percentile
25.96%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.