Jun 2026: Windows Shell Information Disclosure Vulnerability
CVE-2026-42906 Published on June 9, 2026
Windows Shell Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2026-42906 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2026-42906
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft Windows 10 Version 21H2:- Version 10.0.19044.0 and below 10.0.19044.7417 is affected.
- Version 10.0.19045.0 and below 10.0.19045.7417 is affected.
- Version 10.0.22631.0 and below 10.0.22631.7219 is affected.
- Version 10.0.22631.0 and below 10.0.22631.7219 is affected.
- Version 10.0.26100.0 and below 10.0.26100.8655 is affected.
- Version 10.0.26200.0 and below 10.0.26200.8655 is affected.
- Version 10.0.28000.0 and below 10.0.28000.2269 is affected.
- Version 10.0.20348.0 and below 10.0.20348.5256 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32995 is affected.
- Version 10.0.26100.0 and below 10.0.26100.32995 is affected.