VDB
GCVE-110-NCSC-2026-7
GCVE-110-NCSC-2026-7
Advisory PublishedCVSS 6.2/10
A vulnerability in Windows Remote Procedure Call allows an unauthorized local attacker to expose sensitive information, potentially compromising system confidentiality.
Weaknesses (CWE)
CWE-532Insertion of Sensitive Information into Log FileCWE-327Use of a Broken or Risky Cryptographic AlgorithmCWE-416Use After FreeCWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-908Use of Uninitialized ResourceCWE-1329Reliance on Component That is Not UpdateableCWE-266Incorrect Privilege AssignmentCWE-122Heap-based Buffer OverflowCWE-822Untrusted Pointer DereferenceCWE-367Time-of-check Time-of-use (TOCTOU) Race ConditionCWE-280Improper Handling of Insufficient Permissions or PrivilegesCWE-125Out-of-bounds ReadCWE-415Double FreeCWE-359Exposure of Private Personal Information to an Unauthorized ActorCWE-209Generation of Error Message Containing Sensitive InformationCWE-121Stack-based Buffer OverflowCWE-843Access of Resource Using Incompatible Type ('Type Confusion')CWE-476NULL Pointer DereferenceCWE-73External Control of File Name or PathCWE-807Reliance on Untrusted Inputs in a Security DecisionCWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')CWE-59Improper Link Resolution Before File Access ('Link Following')CWE-590Free of Memory not on the HeapCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-20Improper Input ValidationCWE-693Protection Mechanism FailureCWE-284Improper Access Control
Risk Scores
CVSS 3.1
6.2/10
Medium · CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Microsoft | vers:unknown/* | — | — |
Aliases
CVE-2023-31096CVE-2024-55414CVE-2026-0386CVE-2026-20804CVE-2026-20805CVE-2026-20808CVE-2026-20809CVE-2026-20810CVE-2026-20811CVE-2026-20812CVE-2026-20814CVE-2026-20815CVE-2026-20816CVE-2026-20817CVE-2026-20818CVE-2026-20819CVE-2026-20820CVE-2026-20821CVE-2026-20822CVE-2026-20823CVE-2026-20824CVE-2026-20825CVE-2026-20826CVE-2026-20827CVE-2026-20828CVE-2026-20829CVE-2026-20830CVE-2026-20831CVE-2026-20832CVE-2026-20833CVE-2026-20834CVE-2026-20835CVE-2026-20836CVE-2026-20837CVE-2026-20838CVE-2026-20839CVE-2026-20840CVE-2026-20842CVE-2026-20843CVE-2026-20844CVE-2026-20847CVE-2026-20848CVE-2026-20849CVE-2026-20851CVE-2026-20852CVE-2026-20853CVE-2026-20854CVE-2026-20856CVE-2026-20857CVE-2026-20858CVE-2026-20859CVE-2026-20860CVE-2026-20861CVE-2026-20862CVE-2026-20863CVE-2026-20864CVE-2026-20865CVE-2026-20866CVE-2026-20867CVE-2026-20868CVE-2026-20869CVE-2026-20870CVE-2026-20871CVE-2026-20872CVE-2026-20873CVE-2026-20874CVE-2026-20875CVE-2026-20876CVE-2026-20877CVE-2026-20918CVE-2026-20919CVE-2026-20920CVE-2026-20921CVE-2026-20922CVE-2026-20923CVE-2026-20924CVE-2026-20925CVE-2026-20926CVE-2026-20927CVE-2026-20929CVE-2026-20931CVE-2026-20932CVE-2026-20934CVE-2026-20935CVE-2026-20936CVE-2026-20937CVE-2026-20938CVE-2026-20939CVE-2026-20940CVE-2026-20941CVE-2026-20962CVE-2026-21221CVE-2026-21265
References
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.