Information disclosure in Windows and Windows Server - CVE-2026-50431
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an information disclosure issue in Windows Quality of Service (QoS) Packet Scheduler when handling network traffic. A remote attacker can send crafted traffic to disclose sensitive information.
The issue can disclose certain kernel memory addresses, which could aid further attacks.