Use of uninitialized resource in Windows and Windows Server - CVE-2026-57982
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a remote user to disclose sensitive information.
The vulnerability exists due to use of uninitialized resource in Windows RDP when handling RDP connections. A remote user can establish a connection and trigger access to uninitialized heap memory to disclose sensitive information.
The disclosed information may include uninitialized heap memory contents.