CVE-2026-20805 — Microsoft Windows Information Disclosure Vulnerability

Description

Microsoft Windows Desktop Windows Manager contains an information disclosure vulnerability that allows an authorized attacker to disclose information locally.

How to fix CVE-2026-20805

No package mapping is available — consult the references below for vendor-specific guidance.

Is CVE-2026-20805 being exploited?

Yes — CVE-2026-20805 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.

Affected packages (0)

No package mapping in OSV.