Information disclosure in Windows and Windows Server - CVE-2026-50681
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to exposure of sensitive information in Windows Cryptographic Services when handling cryptographic operations. A local user can access leaked internal memory pointers to disclose sensitive information.
The disclosed information is limited to internal memory pointers, which could help bypass security protections and facilitate further exploitation.