Information Disclosure Vulnerability in Windows DWM Core Library by Microsoft
CVE-2026-44814

5.5MEDIUM

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
9 June 2026

What is CVE-2026-44814?

The Windows DWM Core Library is susceptible to an out-of-bounds read vulnerability, which could potentially allow an authorized attacker to gain access to sensitive information. This vulnerability emphasizes the importance of prompt software updates to protect against local information disclosure risks. Users are advised to apply the latest patches provided by Microsoft as part of their security best practices.

Affected Version(s)

Windows 11 version 26H1 ARM64-based Systems 10.0.28000.0 < 10.0.28000.2269

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.