Information disclosure in Windows and Windows Server - CVE-2026-56184
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to exposure of sensitive information in Windows Win32K when handling local access to kernel memory addresses. A local user can access disclosed kernel memory address information to disclose sensitive information.
The disclosed information may include certain memory addresses within kernel space, which could be leveraged for other malicious activities.