CVE-2026-32215

MEDIUM

Windows Kernel Information Disclosure Vulnerability

Title source: cna
STIX 2.1

Description

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.

References (1)

Scores

CVSS v3 5.5
EPSS 0.0006
EPSS Percentile 17.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-532
Status published
Products (26)
Microsoft/Windows 10 Version 1809 10.0.17763.0 - 10.0.17763.8644
Microsoft/Windows 10 Version 21H2 10.0.19044.0 - 10.0.19044.7184
Microsoft/Windows 10 Version 22H2 10.0.19045.0 - 10.0.19045.7184
Microsoft/Windows 11 version 22H3 10.0.22631.0 - 10.0.22631.6936
Microsoft/Windows 11 Version 23H2 10.0.22631.0 - 10.0.22631.6936
Microsoft/Windows 11 Version 24H2 10.0.26100.0 - 10.0.26100.32690
Microsoft/Windows 11 Version 24H2 10.0.26100.0 - 10.0.26100.8246
Microsoft/Windows 11 Version 25H2 10.0.26200.0 - 10.0.26200.8246
Microsoft/Windows 11 version 26H1 10.0.28000.0 - 10.0.28000.1836
Microsoft/Windows Server 2019 10.0.17763.0 - 10.0.17763.8644
... and 16 more
Published Apr 14, 2026
Tracked Since Apr 14, 2026