Windows Push Notifications (EUVD-2026-35730)

CVE-2026-42969 - MEDIUM
Use of Uninitialized Resource (CWE-908)
Published 2026-06-09 · Reporter: secure@microsoft.com · GHSA-rx6q-px4x-v8cf
Severity: Medium (disputed) · NVD CVSS 5.5 · Temporal score 4.8

Severity by source (sources disagree: Medium to Critical)

  NVD (primary): 5.5 MEDIUM, vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  ENISA EUVD: CRITICAL (qualitative rating)
  CIRCL (temporal CVSS): 4.8 MEDIUM

vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  Attack Vector: Local
  Attack Complexity: Low
  Privileges Required: Low
  User Interaction: None
  Scope: Unchanged
  Confidentiality: High
  Integrity: None
  Availability: None

Lifecycle Timeline

  Jun 09, 2026 - 17:17  CVE Published (NVD, MEDIUM 5.5)
  Jun 09, 2026 - 19:03  Patch available (EUVD)
  Jun 09, 2026 - 19:55  Analysis generated (vuln.today)

Description (NVD)

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Analysis (AI-generated)

Windows Push Notifications on a broad range of Windows 10, Windows 11, and Windows Server editions leaks sensitive memory contents to locally authenticated low-privileged users through an uninitialized resource condition (CWE-908). The CVSS vector indicates a local attack vector with a low-privilege authentication requirement, no user interaction, and high confidentiality impact, meaning an attacker who already holds a standard user account can read residual memory that could include tokens, credentials, or other sensitive artifacts. …

Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

  Access: Obtain low-privileged local user account
  Delivery: Interact with Push Notifications service API
  Exploit: Trigger uninitialized buffer read
  Execution: Extract residual memory contents
  Impact: Harvest sensitive data from leaked memory

Vulnerability Assessment (AI-generated)

Exploitation: Exploitation requires a locally authenticated account with standard (low-privileged) user rights on the target system, as confirmed by the CVSS vector AV:L/PR:L. …

Risk Assessment: The CVSS 5.5 medium score reflects the constrained attack surface: AV:L requires physical or logical local access, PR:L requires a valid low-privileged account, and S:U means the vulnerability cannot directly pivot to affect other system components. …

Exploit Scenario: An attacker who has obtained a standard low-privileged Windows account (through credential theft, social engineering, or insider access) invokes the Push Notifications API on an unpatched system to trigger the uninitialized resource read path, capturing residual heap or stack memory contents that may include authentication tokens, session data, or other sensitive artifacts left by previously executing processes. No public proof-of-concept code has been identified, so exploitation would currently require independent vulnerability research to identify the precise triggering condition within the Push Notifications subsystem.

Remediation: Apply the Microsoft security update corresponding to your Windows version as detailed in the MSRC advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42969. …

EUVD-2026-35730 vulnerability details – vuln.today