Information disclosure in Windows and Windows Server - CVE-2026-57095
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local attacker to elevate privileges.
The vulnerability exists due to exposure of sensitive information to an unauthorized actor in Windows Win32K when handling local access to sensitive information. A local attacker can access exposed sensitive information to elevate privileges.
Successful exploitation could lead to SYSTEM privileges.