CVE-2026-50656: Microsoft Malware Protection Engine

What is CVE-2026-50656?

Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.

CVSS7.8 NVD 3.1

SeverityHIGH

ExploitationNo exploitation reported

EPSS<1% · P30

Triage statusNo Known Exploit

ActionPatch this week

CVSS vectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWECWE-59

NVD published2026-06-16

NVD last modified2026-06-17

Affected product

Microsoft Malware Protection Engine

Remediation Steps

Monitor Microsoft Security Updates and advisories for RoguePlanet patch release
Plan immediate deployment upon patch availability
Ensure Microsoft Defender update mechanisms are functioning on all endpoints
Test patch in non-production environment before broad deployment if possible

References

Coverage on defend.network

Vulnerability Priority Report – Week 3 of June 2026 (June 15 – 21)
Microsoft Defender zero-day, FortiBleed exposes 73k devices, GitHub worm spreads (2026-06-18)

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.

What is CVE-2026-50656?

Affected product

Remediation Steps

References

Coverage on defend.network

Get Critical CVE Alerts