Use of a broken or risky cryptographic algorithm in Windows and Windows Server - CVE-2026-50303
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to bypass the authentication feature.
The vulnerability exists due to use of a cryptographic primitive with a risky implementation in Windows Key Guard when processing authentication operations. A local user can exploit the flawed cryptographic implementation to bypass the authentication feature.
This vulnerability can enable impersonation.