🟠 High  |  Source: Microsoft Security Response Center


CVE-2026-50411 is a Denial of Service vulnerability affecting Windows Active Directory Federation Services (AD FS), a widely used identity federation component in Microsoft environments. An attacker exploiting this flaw could disrupt authentication services, potentially locking users out of applications and resources that rely on AD FS for federated identity. Microsoft has issued an informational update to the affected software table, indicating no change to severity or patch status.

Security Architect’s Take: Review the updated Software Update table on the MSRC advisory to confirm whether your specific AD FS version is listed as affected, and ensure relevant patches are applied promptly — AD FS disruption can cascade into broad authentication outages across hybrid and cloud-connected workloads.

Original advisory: CVE-2026-50411 Windows Active Directory Federation Services Denial of Service Vulnerability