CVE-2026-49798 is a newly patched Windows Kernel use-after-free vulnerability that can let a local attacker gain elevated privileges without already holding a privileged account. Microsoft released the fix on July 14, 2026, across supported Windows client and server editions, assigning the flaw...