PatchSiren cyber security CVE debrief
CVE-2026-50508 Microsoft CVE debrief
CVE-2026-50508 is a vulnerability in Windows NTLM that allows an unauthorized attacker to perform spoofing over a network. The vulnerability has a CVSS score of 6.5 and a severity of MEDIUM. It was published on 2026-06-09T17:17:50.027Z and last modified on 2026-06-09T19:32:51.440Z.
- Vendor
- Microsoft
- Product
- Windows 10 Version 1607
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-09
Who should care
Users of Windows NTLM
Technical summary
The vulnerability is caused by exposure of sensitive information to an unauthorized actor in Windows NTLM, allowing an unauthorized attacker to perform spoofing over a network.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates from the vendor as they become available.
- Implement network segmentation and isolation to limit the attack surface.
- Monitor network traffic for suspicious activity.
Evidence notes
The vendor is listed as Unknown Vendor, but there is evidence suggesting the vendor may be Microsoft.
Official resources
-
CVE-2026-50508 CVE record
CVE.org
-
CVE-2026-50508 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-50508 was published on 2026-06-09T17:17:50.027Z and last modified on 2026-06-09T19:32:51.440Z.