CVE-2026-20835 | Microsoft Windows 11 24H2/11 25H2/Server 2022 23H2/Server 2025 Capability Access Management Service out-of-bounds

A vulnerability identified as problematic has been detected in Microsoft Windows 11 24H2/11 25H2/Server 2022 23H2/Server 2025. Affected by this vulnerability is an unknown functionality of the component Capability Access Management Service. The manipulation leads to out-of-bounds read.

This vulnerability is traded as CVE-2026-20835. An attack has to be approached locally. There is no exploit available.

It is suggested to install a patch to address this issue.VulDB Recent EntriesRead More