High severity7.8NVD Advisory· Published May 12, 2026· Updated May 14, 2026
CVE-2026-34336
CVE-2026-34336
Description
Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34336nvdVendor Advisory
News mentions
3- Patch Tuesday - May 2026Rapid7 Blog · May 13, 2026
- Microsoft May 2026 Patch Tuesday, (Tue, May 12th)SANS Internet Storm Center · May 12, 2026
- Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-daysBleepingComputer · May 12, 2026