CVE-2026-37453

MSI NBFoundation Service (MSIAPService.exe) is exposed via the named pipe \.\pipe\MSI_SERVICE_2 with no caller authentication. The IO command surface enables unauthenticated ReadMemory/WriteMemory and ReadPort/WritePort through WinIO, allowing arbitrary physical memory and I/O-port access (system...