CVE Catalog
CVE-2026-37453
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.22%
13th percentile — higher than 13% of all known CVEs
Summary
Insecure permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSI_SERVICE_2 pipe.
Risk Assessment
An attacker can remotely capture confidential data, leading to a breach of system confidentiality and potential information leakage.
Recommendation
Immediately update MSI NBFoundation Service to the latest version and restrict access to the MSI_SERVICE_2 pipe to trusted processes only.
Original NVD description (English source)
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSI_SERVICE_2 pipe

