CVE Catalog

CVE-2026-42968

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.05%

16th percentile - higher than 16% of all known CVEs

Summary

An out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.

Risk Assessment

An attacker with appropriate permissions may gain access to sensitive data, potentially leading to a breach of user privacy.

Recommendation

It is recommended to monitor access to the telephony service and update the operating system to patch this vulnerability.

Original NVD description (English source)

Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS