Input Validation Flaw in Intel QAT Software Drivers for Windows
CVE-2026-20905

6.9MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Qat Software Drivers For Windows
Vendor: CVE Published:; 12 May 2026

What is CVE-2026-20905?

A vulnerability exists in Intel's QAT software drivers for Windows prior to version 2.6, where insufficient input validation may expose systems to potential denial of service attacks. An adversary with legitimate access can exploit this flaw through local means, facilitating a denial of service without the need for elevated privileges. This situation does not require any special internal knowledge, allowing for the possibility of disruption in service availability for the affected systems.

Affected Version(s)

Intel(R) QAT software drivers for Windows before version 2.6

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Dec 4, 2025

CVE-2026-20905 Data

JSON