CVE Catalog
CVE-2026-42906
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk0.07%
22th percentile - higher than 22% of all known CVEs
Summary
A vulnerability in Windows Shell allows an authorized attacker to disclose sensitive information locally.
Risk Assessment
The organization may be exposed to the disclosure of confidential data, potentially leading to further attacks or privacy breaches.
Recommendation
It is recommended to monitor access to Windows Shell and implement additional security measures to protect sensitive information.
Original NVD description (English source)
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.

