Protection mechanism failure in Windows and Windows Server - CVE-2026-34348
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a remote user to disclose sensitive information.
The vulnerability exists due to protection mechanism failure in Windows Event Logging Service when handling network requests. A remote user can send crafted requests to disclose sensitive information.
The disclosed information is limited to small portions of heap memory.