Information Disclosure Vulnerability in Windows Remote Desktop Client
CVE-2026-58539

6.5MEDIUM

What is CVE-2026-58539?

An out-of-bounds read vulnerability in the Windows Remote Desktop Client can be exploited by an unauthorized attacker to disclose sensitive information over a network. This vulnerability allows attackers to access potentially confidential data, leading to severe security risks. Administrators and users are urged to review the applicable patches provided by Microsoft to mitigate any exposure.

Affected Version(s)

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.9339

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.9020

Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.7548

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.