CVE-2026-50382
DirectX Graphics Kernel Remote Code Execution Vulnerability
Description
Untrusted pointer dereference in Windows DirectX allows an authorized attacker to execute code locally.
In plain language
AI Act nowCVE-2026-50382 is a Windows DirectX flaw that can allow someone with access to a targeted machine to run their code—your business should update if you use affected Windows versions.
Executive summary
CVE-2026-50382 is a DirectX flaw (CWE-822: Untrusted pointer dereference) that enables local code execution by an authenticated/authorized attacker leveraging untrusted pointer handling in Windows’ graphics kernel components.
If affected, business impact
Full system takeoverMalware execution on serversService disruptionCredential theft risk
What to do now
- Check which exact Windows edition and version/build you run (Windows 10, Windows 11, or Windows Server 2019/2022/2025) and whether it matches any vulnerable build.
- Update Windows to the fixed build for your specific version:
- Windows 10: 10.0.17763.9020 or 10.0.19044.7548 or 10.0.19045.7548
- Windows 11: 10.0.26100.8875 or 10.0.26200.8875 or 10.0.28000.2269
- Windows Server 2019: 10.0.17763.9020
- Windows Server 2022: 10.0.20348.5386
- Windows Server 2025: 10.0.26100.33158
- If you cannot patch immediately, treat any machines that have direct user/administrative access as high-risk and restrict who can log on or administer those systems until updates are applied.
- After updating, verify the Windows version/build number changed to one of the fixed values above and restart if your patch process requires it.
Usually a quick update
CVSS Vector Breakdown
Exploitability
AV:LAttack VectorLocal
AC:LAttack ComplexityLow
PR:LPrivileges RequiredLow
UI:NUser InteractionNone
Scope
S:CScopeChanged
Impact
C:HConfidentialityHigh
I:HIntegrityHigh
A:HAvailabilityHigh
Weaknesses
Affected Products
Microsoft
commercial·US
and 6 more affected products View all →
Exploitability
No known exploits, KEV entries, or remediation guidance available for this vulnerability yet.
References
News mentions
4- Microsoft and Adobe Patch Tuesday, July 2026 Security Update Reviewen-us·Qualys Security Blog·
- Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilitiesen·Cisco Talos·
- Microsoft Patch Tuesday July 2026 - The AI Acopolypse is Hereen·SANS Internet Storm Center·
- Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-daysen-us·BleepingComputer·
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-50382 and every CVE in our database. Create a free account — no credit card required.
Create Free AccountPlain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows
