Jan 2026: Windows Management Services Information Disclosure Vulnerability
CVE-2026-20862 Published on January 13, 2026
Windows Management Services Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Management Services allows an authorized attacker to disclose information locally.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2026-20862 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2026-20862
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-20862 are published in these products:
Affected Versions
Microsoft Windows 10 Version 1809:- Version 10.0.17763.0 and below 10.0.17763.8276 is affected.
- Version 10.0.19044.0 and below 10.0.19044.6809 is affected.
- Version 10.0.19045.0 and below 10.0.19045.6809 is affected.
- Version 10.0.22631.0 and below 10.0.22631.6491 is affected.
- Version 10.0.22631.0 and below 10.0.22631.6491 is affected.
- Version 10.0.26100.0 and below 10.0.26100.7623 is affected.
- Version 10.0.26200.0 and below 10.0.26200.7623 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8276 is affected.
- Version 10.0.17763.0 and below 10.0.17763.8276 is affected.
- Version 10.0.20348.0 and below 10.0.20348.4648 is affected.
- Version 10.0.25398.0 and below 10.0.25398.2092 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32230 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32230 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.