CVE-2026-50324 exposes Active Directory Federation Services to an unauthenticated network-based denial-of-service attack, allowing a remote attacker to disrupt federation and potentially block users from signing in to dependent applications. Microsoft fixed the vulnerability in its July 14, 2026...