Link following in Windows and Windows Server - CVE-2026-50469
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges.
The vulnerability exists due to improper link resolution before file access ('link following') in Windows Projected File System when accessing files. A local user can create or manipulate links to escalate privileges.
A successful exploit would allow deletion of arbitrary system files.