Null Pointer Dereference in Intel(R) QAT Software Drivers for Windows
CVE-2026-20914

6.8MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Qat Software Drivers For Windows
Vendor: CVE Published:; 12 May 2026

What is CVE-2026-20914?

A null pointer dereference vulnerability exists in certain Intel QAT software drivers for Windows prior to version 2.6.0. This issue might enable a denial of service under specific conditions, allowing an unauthenticated software adversary with access to locally deployed applications to exploit the flaw. The attack is characterized by its low complexity, requiring minimal technical knowledge for exploitation, and does not necessitate user interaction. The vulnerability primarily threatens the availability of the system, impacting its operational integrity significantly.

Affected Version(s)

Intel(R) QAT software drivers for Windows before version 2.6.0

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Dec 4, 2025

CVE-2026-20914 Data

JSON