Secure Cyber Vulnerability Management

22/04/2026
Zero-Day Initiative

ZDI-26-294: (0Day) Microsoft Windows library-ms NTLM Response Information Disclosure Vulnerability

by Deepanshu Jha
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must view a folder containing malicious content. The ZDI has assigned a CVSS rating of 3.5.

Comments are closed.

You may also like