Race condition in Windows and Windows Server - CVE-2026-44800
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges.
The vulnerability exists due to a race condition in Windows Push Notifications when performing concurrent execution using a shared resource. A local user can trigger concurrent operations to escalate privileges.
Successful exploitation requires winning a race condition and could result in gaining SYSTEM privileges and escaping a contained execution environment.