CVE Catalog

CVE-2026-42906

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.07%

22th percentile - higher than 22% of all known CVEs

Summary

A vulnerability in Windows Shell allows an authorized attacker to disclose sensitive information locally.

Risk Assessment

The organization may be exposed to the disclosure of confidential data, potentially leading to further attacks or privacy breaches.

Recommendation

It is recommended to monitor access to Windows Shell and implement additional security measures to protect sensitive information.

Original NVD description (English source)

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS