Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
4166 articles · 176028 vulns · 37/41 feeds (7d)
← Back to list
7.5
CVE-2026-50330EXPLOITEDPATCHED
Microsoft · Windows 10 Version 1607

Windows Remote Desktop Client Elevation of Privilege Vulnerability

Description

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to elevate privileges over a network.

Affected Products

VendorProductVersions
MicrosoftWindows 10 Version 160710.0.14393.0, 10.0.17763.0, 10.0.19044.0, 10.0.19045.0, 10.0.26100.0, 10.0.26200.0, 10.0.28000.0, 6.2.9200.0, 6.2.9200.0, 6.3.9600.0, 6.3.9600.0, 10.0.14393.0, 10.0.14393.0, 10.0.17763.0, 10.0.17763.0, 10.0.20348.0, 10.0.26100.0, 10.0.26100.0

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
microsoftwindows server 2012 (server core installation)mitre_affected90%
microsoftwindows 11 version 26h1mitre_affected90%
microsoftwindows 10 version 21h2mitre_affected90%
microsoftwindows server 2016 (server core installation)mitre_affected90%
microsoftwindows 11 version 25h2mitre_affected90%

References

  • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50330(vendor-advisory, patch)

Related News (3 articles)

Tier B
BSI Advisories2h ago
[NEU] [kritisch] Microsoft Windows Produkte: Mehrere Schwachstellen
→ No new info (linked only)
Tier C
VulDB12h ago
CVE-2026-50330 | Microsoft Windows up to Server 2025 Remote Desktop Client heap-based overflow
→ No new info (linked only)
Tier A
Microsoft MSRC18h ago
CVE-2026-50330 Windows Remote Desktop Client Elevation of Privilege Vulnerability
→ No new info (linked only)
CVSS 3.17.5 HIGH
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
10.0.14393.933910.0.17763.902010.0.19044.754810.0.19045.754810.0.26100.887510.0.26200.887510.0.28000.22696.2.9200.262266.3.9600.2329110.0.20348.538610.0.26100.33158
CWECWE-122
PublishedJul 14, 2026
Last enriched15h agov2
Trending Score77
Source articles3
Independent3
Info Completeness9/14
Missing: title, epss, kev, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

HIGHCVE-2026-56164EXPKEV
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Trending: 146
HIGHCVE-2026-56155EXPKEV
Active Directory Federation Services Elevation of Privilege Vulnerability
Trending: 142
HIGHCVE-2026-50656EXP
Microsoft Defender Elevation of Privilege Vulnerability
Trending: 95
CRITICALCVE-2026-55040EXP
Microsoft SharePoint Server Security Feature Bypass Vulnerability
Trending: 86
CRITICALCVE-2026-48561EXP
Microsoft Copilot Remote Code Execution Vulnerability
Trending: 81

Pin to Dashboard

Verification

State: verified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 14, 2026
Discovered by ZDM
Jul 14, 2026
Updated: description, exploitAvailable, activelyExploited
Jul 14, 2026
Actively Exploited
Jul 15, 2026
Exploit Available
Jul 15, 2026
Patch Available
Jul 15, 2026

Version History

v2
Last enriched 15h ago
v2Tier A15h ago

Added a detailed description of the vulnerability and marked it as actively exploited with an exploit available.

descriptionexploitAvailableactivelyExploited
via Microsoft MSRC
v115h ago

Initial creation