Common Weakness Enumeration

CWE-126

Allowed

Buffer Over-read

Abstraction: Variant · Status: Draft

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

852 vulnerabilities reference this CWE, most recent first.

CVE-2026-59840 (GCVE-0-2026-59840)

Vulnerability from cvelistv5 – Published: 2026-07-14 15:19 – Updated: 2026-07-14 16:02
VLAI
Summary
A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiProxy 7.6.0 through 7.6.5, FortiProxy 7.4.0 through 7.4.13, FortiProxy 7.2 all versions may allow attacker to information disclosure via <insert attack vector here>
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Fortinet FortiOS Affected: 7.6.0 , ≤ 7.6.2 (semver)
Affected: 7.4.0 , ≤ 7.4.8 (semver)
Affected: 7.2.0 , ≤ 7.2.13 (semver)
Affected: 7.0.0 , ≤ 7.0.19 (semver)
Affected: 6.4.0 , ≤ 6.4.16 (semver)
    cpe:2.3:o:fortinet:fortios:7.6.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.6.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.4.8:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.4.7:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.4.6:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.4.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.13:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.12:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.11:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.19:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.18:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.17:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.16:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*
Create a notification for this product.
Fortinet FortiPAM Affected: 1.7.0
Affected: 1.6.0 , ≤ 1.6.2 (semver)
Affected: 1.5.0 , ≤ 1.5.1 (semver)
Affected: 1.4.0 , ≤ 1.4.3 (semver)
Affected: 1.3.0 , ≤ 1.3.1 (semver)
Affected: 1.2.0
Affected: 1.1.0 , ≤ 1.1.2 (semver)
Affected: 1.0.0 , ≤ 1.0.3 (semver)
    cpe:2.3:o:fortinet:fortipam:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.6.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.6.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.4.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*
Create a notification for this product.
Fortinet FortiSwitchManager Affected: 7.2.0 , ≤ 7.2.7 (semver)
Affected: 7.0.0 , ≤ 7.0.6 (semver)
    cpe:2.3:a:fortinet:fortiswitchmanager:7.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*
Create a notification for this product.
Fortinet FortiProxy Affected: 7.6.0 , ≤ 7.6.5 (semver)
Affected: 7.4.0 , ≤ 7.4.13 (semver)
Affected: 7.2.0 , ≤ 7.2.16 (semver)
Affected: 7.0.0 , ≤ 7.0.23 (semver)
    cpe:2.3:a:fortinet:fortiproxy:7.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.13:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.12:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.11:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.10:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.9:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.8:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.7:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.15:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.23:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.22:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.21:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.20:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.19:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.17:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-59840",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-14T15:57:19.678421Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-14T16:02:38.145Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:fortinet:fortios:7.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.19:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.18:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.17:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.16:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiOS",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.6.2",
              "status": "affected",
              "version": "7.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.4.8",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.13",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.19",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.16",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:fortinet:fortipam:1.7.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.5.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiPAM",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "1.7.0"
            },
            {
              "lessThanOrEqual": "1.6.2",
              "status": "affected",
              "version": "1.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "1.5.1",
              "status": "affected",
              "version": "1.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "1.4.3",
              "status": "affected",
              "version": "1.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "1.3.1",
              "status": "affected",
              "version": "1.3.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "1.2.0"
            },
            {
              "lessThanOrEqual": "1.1.2",
              "status": "affected",
              "version": "1.1.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "1.0.3",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSwitchManager",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.2.7",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.6",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortiproxy:7.6.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.6.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.6.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.13:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.12:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.11:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.16:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.15:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.14:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.13:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.12:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.23:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.22:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.21:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.20:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.19:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.18:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.17:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.16:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.15:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.14:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.13:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiProxy",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.6.5",
              "status": "affected",
              "version": "7.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.4.13",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.16",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.23",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiProxy 7.6.0 through 7.6.5, FortiProxy 7.4.0 through 7.4.13, FortiProxy 7.2 all versions may allow attacker to information disclosure via \u003cinsert attack vector here\u003e"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "Information disclosure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-14T15:19:51.309Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-154",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-154"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to FortiOS version 7.6.4 or above\nUpgrade to FortiOS version 7.4.9 or above\nFortinet remediated this issue in FortiSASE version 25.4.b and hence customers do not need to perform any action.\nUpgrade to FortiProxy version 7.6.6 or above\nUpgrade to FortiProxy version 7.4.14 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2026-59840",
    "datePublished": "2026-07-14T15:19:51.309Z",
    "dateReserved": "2026-07-07T15:21:36.593Z",
    "dateUpdated": "2026-07-14T16:02:38.145Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-58013 (GCVE-0-2026-58013)

Vulnerability from cvelistv5 – Published: 2026-06-30 12:57 – Updated: 2026-06-30 15:58
VLAI
Title
Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"
Summary
A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7 bytes or a denial of service when the buffer over-read crosses a page boundary.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Date Public
2026-04-03 00:00
Credits
Red Hat would like to thank linhlhq for reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-58013",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-30T14:17:50.722495Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-30T15:58:08.967Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/glib/",
          "defaultStatus": "unaffected",
          "packageName": "GLib",
          "product": "GLib",
          "vendor": "GNOME",
          "versions": [
            {
              "lessThan": "2.88.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:hummingbird:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Hardened Images",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank linhlhq for reporting this issue."
        }
      ],
      "datePublic": "2026-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7 bytes or a denial of service when the buffer over-read crosses a page boundary."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-30T14:38:17.519Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-58013"
        },
        {
          "name": "RHBZ#2492248",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492248"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3925"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-24T16:49:18.947Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-04-03T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Glib: buffer over-read in glib/giochannel.c via \"g_io_channel_read_line_backend\"",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this vulnerability, restrict any custom line terminator string passed to g_io_channel_set_line_term() to a maximum length of one byte before calling g_io_channel_read_line_backend(). Using the default line terminators will completely neutralize this issue."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-126: Buffer Over-read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-58013",
    "datePublished": "2026-06-30T12:57:34.902Z",
    "dateReserved": "2026-06-26T20:59:47.855Z",
    "dateUpdated": "2026-06-30T15:58:08.967Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-58012 (GCVE-0-2026-58012)

Vulnerability from cvelistv5 – Published: 2026-06-30 12:57 – Updated: 2026-06-30 14:38
VLAI
Title
Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()
Summary
A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the `G_REGEX_RAW` compile flag and case-change replacement escapes because the string_append function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the string is treated as raw bytes. This vulnerability can cause a minor information disclosure of 1-5 bytes and a denial of service when the buffer over-read crosses a page boundary.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
GNOME GLib Affected: 0 , < 2.86.5 (semver)
Affected: 0 , < 2.88.1 (semver)
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
Create a notification for this product.
Date Public
2026-03-27 00:00
Credits
Red Hat would like to thank linhlhq for reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-58012",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-30T13:17:40.887957Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-30T13:18:19.247Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/glib/",
          "defaultStatus": "unaffected",
          "packageName": "GLib",
          "product": "GLib",
          "vendor": "GNOME",
          "versions": [
            {
              "lessThan": "2.86.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.88.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:hummingbird:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Hardened Images",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank linhlhq for reporting this issue."
        }
      ],
      "datePublic": "2026-03-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the `G_REGEX_RAW` compile flag and case-change replacement escapes because the string_append function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the string is treated as raw bytes. This vulnerability can cause a minor information disclosure of 1-5 bytes and a denial of service when the buffer over-read crosses a page boundary."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-30T14:38:17.617Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-58012"
        },
        {
          "name": "RHBZ#2492247",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492247"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3918"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-24T16:40:58.048Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-03-27T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this vulnerability, implement strict input validation to sanitize user-supplied replacement strings, specifically rejecting or escaping case-change modifiers (\\u, \\l, \\U, \\L) before calling g_regex_replace() or g_regex_replace_eval() when the G_REGEX_RAW compile flag is used. Removing the G_REGEX_RAW flag or hardcoding the replacement strings will completely neutralize this issue."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-126: Buffer Over-read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-58012",
    "datePublished": "2026-06-30T12:57:21.859Z",
    "dateReserved": "2026-06-26T20:59:47.855Z",
    "dateUpdated": "2026-06-30T14:38:17.617Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-58010 (GCVE-0-2026-58010)

Vulnerability from cvelistv5 – Published: 2026-06-30 12:57 – Updated: 2026-06-30 14:28
VLAI
Title
Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()
Summary
A flaw was found in GLib. An off-by-one error can occur in the gvs_tuple_is_normal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses > instead of >=, causing an out-of-bounds read of only 1 byte. This issue can cause a minor information disclosure of 1 byte and a denial of service when the out-of-bounds read crosses a page boundary.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
GNOME GLib Affected: 0 , < 2.86.5 (semver)
Affected: 0 , < 2.88.1 (semver)
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
Create a notification for this product.
Date Public
2026-03-26 00:00
Credits
Red Hat would like to thank linhlhq for reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-58010",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-30T14:02:50.825354Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-30T14:03:48.602Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/glib/",
          "defaultStatus": "unaffected",
          "packageName": "GLib",
          "product": "GLib",
          "vendor": "GNOME",
          "versions": [
            {
              "lessThan": "2.86.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.88.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:hummingbird:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Hardened Images",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank linhlhq for reporting this issue."
        }
      ],
      "datePublic": "2026-03-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GLib. An off-by-one error can occur in the gvs_tuple_is_normal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses \u003e instead of \u003e=, causing an out-of-bounds read of only 1 byte. This issue can cause a minor information disclosure of 1 byte and a denial of service when the out-of-bounds read crosses a page boundary."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-30T14:28:12.417Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-58010"
        },
        {
          "name": "RHBZ#2492243",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492243"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3915"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-24T16:21:49.589Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-03-26T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-126: Buffer Over-read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-58010",
    "datePublished": "2026-06-30T12:57:15.125Z",
    "dateReserved": "2026-06-26T20:59:47.855Z",
    "dateUpdated": "2026-06-30T14:28:12.417Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-57968 (GCVE-0-2026-57968)

Vulnerability from cvelistv5 – Published: 2026-07-14 17:09 – Updated: 2026-07-15 03:58
VLAI
Title
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
Summary
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows Subsystem for Linux (WSL2) Affected: 5.0.0.0 , < 2.7.8 (custom)
Create a notification for this product.
Date Public
2026-07-14 14:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-57968",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-13T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-15T03:58:39.193Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Windows Subsystem for Linux (WSL2)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "2.7.8",
              "status": "affected",
              "version": "5.0.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:windows_subsystem_for_linux:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "2.7.8",
                  "versionStartIncluding": "5.0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-07-14T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126: Buffer Over-read",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-14T19:41:51.431Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57968"
        }
      ],
      "title": "Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-57968",
    "datePublished": "2026-07-14T17:09:39.716Z",
    "dateReserved": "2026-06-26T17:45:44.853Z",
    "dateUpdated": "2026-07-15T03:58:39.193Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-55036 (GCVE-0-2026-55036)

Vulnerability from cvelistv5 – Published: 2026-07-14 17:08 – Updated: 2026-07-15 03:56
VLAI
Title
Microsoft Excel Remote Code Execution Vulnerability
Summary
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
Create a notification for this product.
Microsoft Microsoft Excel 2016 Affected: 16.0.0.0 , < 16.0.5561.1001 (custom)
Create a notification for this product.
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
Create a notification for this product.
Microsoft Microsoft Office 365 for Mac Affected: 1.0.0 , < 16.111.26071215 (custom)
Create a notification for this product.
Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
Create a notification for this product.
Microsoft Microsoft Office LTSC 2024 Affected: 16.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
Create a notification for this product.
Microsoft Microsoft Office LTSC for Mac 2021 Affected: 16.0.1 , < 16.111.26071215 (custom)
Create a notification for this product.
Microsoft Microsoft Office LTSC for Mac 2024 Affected: 16.0.0 , < 16.111.26071215 (custom)
Create a notification for this product.
Microsoft Office Online Server Affected: 16.0.0.0 , < 16.0.10417.20175 (custom)
Create a notification for this product.
Date Public
2026-07-14 14:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-55036",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-10T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-15T03:56:17.375Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Excel 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5561.1001",
              "status": "affected",
              "version": "16.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Office 365 for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.111.26071215",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office LTSC 2024",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.111.26071215",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Office LTSC for Mac 2024",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.111.26071215",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Office Online Server",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.10417.20175",
              "status": "affected",
              "version": "16.0.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:office_2021:*:*:*:*:ltsc:*:*:*",
                  "versionEndExcluding": "16.0.10417.20175",
                  "versionStartIncluding": "16.0.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                  "versionStartIncluding": "19.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                  "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                  "versionStartIncluding": "16.0.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_macos_2021:*:*:*:*:*:long_term_servicing_channel:*:*",
                  "versionEndExcluding": "16.111.26071215",
                  "versionStartIncluding": "16.0.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:*",
                  "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                  "versionStartIncluding": "16.0.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_2024:*:*:*:*:long_term_servicing_channel:*:*:*",
                  "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                  "versionStartIncluding": "16.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_macos_2024:*:*:*:*:*:long_term_servicing_channel:*:*",
                  "versionEndExcluding": "16.111.26071215",
                  "versionStartIncluding": "16.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:excel_2016:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "16.0.5561.1001",
                  "versionStartIncluding": "16.0.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_365:*:*:*:*:*:macos:*:*",
                  "versionEndExcluding": "16.111.26071215",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-07-14T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126: Buffer Over-read",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-14T19:41:00.456Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft Excel Remote Code Execution Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55036"
        }
      ],
      "title": "Microsoft Excel Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-55036",
    "datePublished": "2026-07-14T17:08:51.360Z",
    "dateReserved": "2026-06-16T14:13:49.835Z",
    "dateUpdated": "2026-07-15T03:56:17.375Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-50504 (GCVE-0-2026-50504)

Vulnerability from cvelistv5 – Published: 2026-07-14 17:08 – Updated: 2026-07-14 19:40
VLAI
Title
Windows Remote Desktop Client Information Disclosure Vulnerability
Summary
Buffer over-read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.9339 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.9020 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 21H2 Affected: 10.0.19044.0 , < 10.0.19044.7548 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.7548 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 24H2 Affected: 10.0.26100.0 , < 10.0.26100.8875 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 25H2 Affected: 10.0.26200.0 , < 10.0.26200.8875 (custom)
Create a notification for this product.
Microsoft Windows 11 version 26H1 Affected: 10.0.28000.0 , < 10.0.28000.2269 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.26226 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.26226 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.23291 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.23291 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.9339 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.9339 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.9020 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.9020 (custom)
Create a notification for this product.
Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.5386 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 Affected: 10.0.26100.0 , < 10.0.26100.33158 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 (Server Core installation) Affected: 10.0.26100.0 , < 10.0.26100.33158 (custom)
Create a notification for this product.
Date Public
2026-07-14 14:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-50504",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-14T19:26:01.399798Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-14T19:26:16.421Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.9339",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.9020",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.7548",
              "status": "affected",
              "version": "10.0.19044.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.7548",
              "status": "affected",
              "version": "10.0.19045.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 24H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.8875",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 25H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26200.8875",
              "status": "affected",
              "version": "10.0.26200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 26H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.28000.2269",
              "status": "affected",
              "version": "10.0.28000.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.26226",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.26226",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.23291",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.23291",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.9339",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.9339",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.9020",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.9020",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.5386",
              "status": "affected",
              "version": "10.0.20348.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.33158",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.33158",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.17763.9020",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.9020",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.9020",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.5386",
                  "versionStartIncluding": "10.0.20348.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19044.7548",
                  "versionStartIncluding": "10.0.19044.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.19045.7548",
                  "versionStartIncluding": "10.0.19045.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.33158",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26200.8875",
                  "versionStartIncluding": "10.0.26200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26100.8875",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.33158",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.28000.2269",
                  "versionStartIncluding": "10.0.28000.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.14393.9339",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.9339",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.9339",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.26226",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.26226",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.23291",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.23291",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-07-14T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Buffer over-read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126: Buffer Over-read",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-14T19:40:05.631Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Remote Desktop Client Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50504"
        }
      ],
      "title": "Windows Remote Desktop Client Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-50504",
    "datePublished": "2026-07-14T17:08:00.531Z",
    "dateReserved": "2026-06-04T19:00:41.292Z",
    "dateUpdated": "2026-07-14T19:40:05.631Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-50485 (GCVE-0-2026-50485)

Vulnerability from cvelistv5 – Published: 2026-07-14 17:07 – Updated: 2026-07-14 20:48
VLAI
Title
Windows Hyper-V Denial of Service Vulnerability
Summary
Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.9339 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.9020 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 21H2 Affected: 10.0.19044.0 , < 10.0.19044.7548 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.7548 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 24H2 Affected: 10.0.26100.0 , < 10.0.26100.8875 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 25H2 Affected: 10.0.26200.0 , < 10.0.26200.8875 (custom)
Create a notification for this product.
Microsoft Windows 11 version 26H1 Affected: 10.0.28000.0 , < 10.0.28000.2525 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.26226 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.26226 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.23291 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.23291 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.9339 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.9339 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.9020 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.9020 (custom)
Create a notification for this product.
Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.5386 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 Affected: 10.0.26100.0 , < 10.0.26100.33158 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 (Server Core installation) Affected: 10.0.26100.0 , < 10.0.26100.33158 (custom)
Create a notification for this product.
Date Public
2026-07-14 14:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-50485",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-14T20:35:14.620777Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-14T20:48:10.539Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.9339",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.9020",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.7548",
              "status": "affected",
              "version": "10.0.19044.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.7548",
              "status": "affected",
              "version": "10.0.19045.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 24H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.8875",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 25H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26200.8875",
              "status": "affected",
              "version": "10.0.26200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 26H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.28000.2525",
              "status": "affected",
              "version": "10.0.28000.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.26226",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.26226",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.23291",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.23291",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.9339",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.9339",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.9020",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.9020",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.5386",
              "status": "affected",
              "version": "10.0.20348.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.33158",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.33158",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.17763.9020",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.9020",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.9020",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.5386",
                  "versionStartIncluding": "10.0.20348.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19044.7548",
                  "versionStartIncluding": "10.0.19044.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.19045.7548",
                  "versionStartIncluding": "10.0.19045.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.33158",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26200.8875",
                  "versionStartIncluding": "10.0.26200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26100.8875",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.33158",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.14393.9339",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.9339",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.9339",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.26226",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.26226",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.23291",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.23291",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.28000.2525",
                  "versionStartIncluding": "10.0.28000.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-07-14T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126: Buffer Over-read",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-14T19:39:55.422Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Hyper-V Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50485"
        }
      ],
      "title": "Windows Hyper-V Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-50485",
    "datePublished": "2026-07-14T17:07:50.975Z",
    "dateReserved": "2026-06-04T18:59:53.336Z",
    "dateUpdated": "2026-07-14T20:48:10.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-50475 (GCVE-0-2026-50475)

Vulnerability from cvelistv5 – Published: 2026-07-14 17:07 – Updated: 2026-07-14 19:39
VLAI
Title
Windows Kernel Information Disclosure Vulnerability
Summary
Buffer over-read in Windows Kernel allows an authorized attacker to disclose information locally.
CWE
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.9339 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.9020 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 21H2 Affected: 10.0.19044.0 , < 10.0.19044.7548 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.7548 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 24H2 Affected: 10.0.26100.0 , < 10.0.26100.8875 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 25H2 Affected: 10.0.26200.0 , < 10.0.26200.8875 (custom)
Create a notification for this product.
Microsoft Windows 11 version 26H1 Affected: 10.0.28000.0 , < 10.0.28000.2269 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.26226 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.26226 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.23291 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.23291 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.9339 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.9339 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.9020 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.9020 (custom)
Create a notification for this product.
Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.5386 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 Affected: 10.0.26100.0 , < 10.0.26100.33158 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 (Server Core installation) Affected: 10.0.26100.0 , < 10.0.26100.33158 (custom)
Create a notification for this product.
Date Public
2026-07-14 14:00
Show details on NVD website

{
  "containers": {
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.9339",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.9020",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.7548",
              "status": "affected",
              "version": "10.0.19044.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.7548",
              "status": "affected",
              "version": "10.0.19045.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 24H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.8875",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 25H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26200.8875",
              "status": "affected",
              "version": "10.0.26200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 26H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.28000.2269",
              "status": "affected",
              "version": "10.0.28000.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.26226",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.26226",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.23291",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.23291",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.9339",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.9339",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.9020",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.9020",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.5386",
              "status": "affected",
              "version": "10.0.20348.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.33158",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.33158",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.17763.9020",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.9020",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.9020",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.5386",
                  "versionStartIncluding": "10.0.20348.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19044.7548",
                  "versionStartIncluding": "10.0.19044.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.19045.7548",
                  "versionStartIncluding": "10.0.19045.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.33158",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26200.8875",
                  "versionStartIncluding": "10.0.26200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26100.8875",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.33158",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.28000.2269",
                  "versionStartIncluding": "10.0.28000.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.14393.9339",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.9339",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.9339",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.26226",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.26226",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.23291",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.23291",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-07-14T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Buffer over-read in Windows Kernel allows an authorized attacker to disclose information locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126: Buffer Over-read",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-14T19:39:45.350Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Kernel Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50475"
        }
      ],
      "title": "Windows Kernel Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-50475",
    "datePublished": "2026-07-14T17:07:40.791Z",
    "dateReserved": "2026-06-04T18:59:17.979Z",
    "dateUpdated": "2026-07-14T19:39:45.350Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-50468 (GCVE-0-2026-50468)

Vulnerability from cvelistv5 – Published: 2026-07-14 17:09 – Updated: 2026-07-14 19:41
VLAI
Title
Microsoft SQL Server Information Disclosure Vulnerability
Summary
Buffer over-read in SQL Server allows an authorized attacker to disclose information over a network.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Date Public
2026-07-14 14:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-50468",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-14T18:32:02.394902Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-14T18:32:10.770Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft SQL Server 2025 (CU 6)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.0.4060.2",
              "status": "affected",
              "version": "17.0.4060.2",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SQL Server 2025 for x64-based Systems (GDR)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.0.1125.2",
              "status": "affected",
              "version": "17.0.1050.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "17.0.4060.2",
                  "versionStartIncluding": "17.0.4060.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:sql_server_2025:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "17.0.1125.2",
                  "versionStartIncluding": "17.0.1050.2",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-07-14T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Buffer over-read in SQL Server allows an authorized attacker to disclose information over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126: Buffer Over-read",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-14T19:41:17.932Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft SQL Server Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50468"
        }
      ],
      "title": "Microsoft SQL Server Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-50468",
    "datePublished": "2026-07-14T17:09:08.079Z",
    "dateReserved": "2026-06-04T18:59:17.978Z",
    "dateUpdated": "2026-07-14T19:41:17.932Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.