Vulnerabilities ›

CVE-2026-32079

Medium

CWE-200 — Weakness Type

                    Published: Apr 14, 2026                      ·  Modified: Apr 15, 2026                      ·  Source: NVD                

CVSS v3

5.5

🔗 NVD Official

📄 Description (English)

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

🤖 AI Executive Summary

CVE-2026-32079 is a Windows File Explorer vulnerability that exposes sensitive information to unauthorized actors through local access. An authenticated attacker can exploit this flaw to disclose confidential data stored on affected systems.

📄 Description (Arabic)

ثغرة في مستكشف ملفات Windows تسمح بكشف المعلومات الحساسة لأطراف غير مصرح لهم من خلال الوصول المحلي. يمكن للمهاجمين المصرح لهم استغلال هذه الضعف للوصول إلى البيانات السرية المخزنة على الأنظمة المتأثرة.

🤖 ملخص تنفيذي (AI)

This vulnerability in Windows File Explorer allows exposure of sensitive information to unauthorized parties through local system access. Authenticated attackers can exploit this weakness to reveal confidential data on affected Windows systems.

🤖 AI Intelligence Analysis Analyzed: May 25, 2026 21:16

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

government banking telecom healthcare

🎯 MITRE ATT&CK Techniques

T1005 T1020 T1083

⚖️ Saudi Risk Score (AI)

5.0

/ 10.0

🔧 Remediation Steps (English)

Apply the latest Windows security updates and patches from Microsoft immediately. Restrict local system access to authorized personnel only, implement strong authentication mechanisms, and monitor file access logs for suspicious activities.

🔧 خطوات المعالجة (العربية)

تطبيق أحدث تحديثات الأمان من Microsoft فوراً. تقييد الوصول المحلي للنظام للموظفين المصرحين فقط، وتنفيذ آليات مصادقة قوية، ومراقبة سجلات الوصول للملفات للكشف عن الأنشطة المريبة.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

2.1.1 2.2.1 3.1.1

🔵 SAMA CSF

ID.RA-2 PR.AC-1 PR.DS-1

🟡 ISO 27001:2022

A.9.2.1 A.9.4.3 A.13.1.1

🔗 References & Sources 1

🔗

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32079

secure@microsoft.com

📊 CVSS Score

5.5

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityN — None / Network

AvailabilityN — None / Network

📋 Quick Facts

Severity Medium

CVSS Score5.5

CWECWE-200

EPSS0.04%

Exploit No

Patch ✗ No

Published 2026-04-14

Source Feed nvd

🇸🇦 Saudi Risk Score

5.0

/ 10.0 — Saudi Risk

Priority: MEDIUM

🏷️ Tags

CWE-200

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-32079

Introduce Yourself

Sign In Required