469 matches found
CVE-2026-42907
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
CVE-2026-42906
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
CVE-2026-42906
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
CVE-2026-42907
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
CVE-2026-42907
Technical details (affected software, component, root cause, impact and remediation) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-42907 Windows Shell Information Disclosure Vulnerability
...
EUVD-2026-35596
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
CVE-2026-42906 Windows Shell Information Disclosure Vulnerability
...
EUVD-2026-35595
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
CVE-2026-42906 Windows Shell Information Disclosure Vulnerability
...
CVE-2026-42906
CVE-2026-42906 is a Windows Shell information-disclosure vulnerability. The Windows Shell component exposes sensitive information to an unauthorized actor via a local attack with low privileges required and no user interaction. The impact is confidentiality loss (C:H) while integrity/availability...
Windows Shell Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
Windows Shell Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
PT-2026-47885
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
Microsoft Windows Shell 信息泄露漏洞
Microsoft Windows Shell is the graphical user interface of the Windows operating system developed by Microsoft Corporation. Key elements of the Windows Shell include the desktop, taskbar, start menu, task switcher, and autoplay features. There is an information leakage vulnerability present in...
Microsoft Windows Shell 信息泄露漏洞
Microsoft Windows Shell is the graphical user interface of the Windows operating system developed by Microsoft Corporation. Key features of the Windows Shell include the desktop, taskbar, start menu, task switcher, and auto-play. There is an information leakage vulnerability present in Microsoft...
PT-2026-47886
Name of the Vulnerable Software and Affected Versions Windows Shell affected versions not specified Description Exposure of sensitive information in Windows Shell allows an authorized attacker to disclose information locally, which can affect the system. Recommendations At the moment, there is no...
Microsoft - NTLMv2 Hash Capture
Titles: Microsoft - NTLMv2 Hash Capture Author: nu11secur1ty Date: 2026-05-27 Vendor: Microsoft Software: Windows Shell File Explorer Reference: https://nvd.nist.gov/vuln/detail/CVE-2026-32202 Description: A spoofing vulnerability in Windows Shell File Explorer allows an attacker to capture NTLMv...
📄 Windows Shell LNK Spoofing / NTLMv2 Hash Capture
A spoofing vulnerability in Windows Shell File Explorer allows an attacker to capture NTLMv2 hashes without user interaction. By crafting a malicious .lnk shortcut file with a UNC path pointing to an attacker-controlled SMB server, the target's Windows system automatically sends an NTLMv2...
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerabilities are listed below -...