๐Ÿ” CVE Alert

CVE-2026-50364

HIGH 7.3

Windows Backup Service Elevation of Privilege Vulnerability

CVSS Score
7.3
EPSS Score
0.4%
EPSS Percentile
27th

Improper link resolution before file access ('link following') in Windows Server Backup allows an authorized attacker to elevate privileges locally.

Vendor microsoft
Product windows 10 version 21h2
Ecosystems
Industries
TechnologyEnterprise
Published Jul 14, 2026
Last Updated Jul 16, 2026
Stay Ahead of the Next One

Get instant alerts for microsoft windows 10 version 21h2

Be the first to know when new high vulnerabilities affecting microsoft windows 10 version 21h2 are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Microsoft / Windows 10 Version 21H2
10.0.19044.0 < 10.0.19044.7548
Microsoft / Windows 10 Version 22H2
10.0.19045.0 < 10.0.19045.7548
Microsoft / Windows 11 Version 24H2
10.0.26100.0 < 10.0.26100.8875
Microsoft / Windows 11 Version 25H2
10.0.26200.0 < 10.0.26200.8875
Microsoft / Windows 11 version 26H1
10.0.28000.0 < 10.0.28000.2269

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
msrc.microsoft.com: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50364