CVE-2026-50428: Windows Container Isolation FS Filter Driver (unionfs.sys) Information Disclosure Vulnerability

Overview

Severity
High (CVSS 7.1)
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
Category
Information Disclosure
Exploit Status
Not Exploited
Exploitation Likelihood
Less Likely
Patch Tuesday
2026-Jul
Released
2026-07-14

Description

Out-of-bounds read in Windows Container Isolation FS Filter Driver (unionfs.sys) allows an authorized attacker to disclose information locally.

FAQ

What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain kernel memory content.

Affected Products (2)

Windows

  • Windows 11 version 26H1 for x64-based Systems
  • Windows 11 Version 26H1 for ARM64-based Systems

Security Updates (2)

Acknowledgments

Anonymous

Revision History

  • 2026-07-14: Information published.