CVE Catalog

CVE-2026-37453

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.22%

13th percentile — higher than 13% of all known CVEs

Summary

Insecure permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSI_SERVICE_2 pipe.

Risk Assessment

An attacker can remotely capture confidential data, leading to a breach of system confidentiality and potential information leakage.

Recommendation

Immediately update MSI NBFoundation Service to the latest version and restrict access to the MSI_SERVICE_2 pipe to trusted processes only.

Original NVD description (English source)

Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSI_SERVICE_2 pipe

Vulnerability data from NVD (NIST) · CISA KEV · EPSS