Integer underflow in Windows and Windows Server - CVE-2026-50300
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to integer underflow in Windows Kernel when handling crafted local operations. A local user can trigger the integer underflow to disclose sensitive information.
An attacker who successfully exploits this vulnerability could read small portions of heap memory.