Windows GDI Information Disclosure Vulnerability
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.
MSRC compact vulnerability detail
CVE-2026-27930 · Windows GDI Information Disclosure Vulnerability
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.
Signals
Windows GDI
Information Disclosure
Exploited: No
Publicly disclosed: No
Exploitability: Exploitation Less Likely
CWE
Patch Diff
Loading module diff metadata...
Resolved binary override
Use this when the MSRC module name cannot be mapped automatically or the resolved binary looks wrong.
Description
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.
FAQ / Articles
FAQ
According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability? An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).
FAQ
What type of information could be disclosed by this vulnerability? This vulnerability may allow an attacker to access small portions of memory from the affected application when it processes a specially crafted Enhanced Metafile (EMF). This issue is an out‑of‑bounds read, any disclosure would be limited to whatever data happens to reside in adjacent memory at the time.
FAQ
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to open or preview content that contains the malicious Enhanced Metafile (EMF).