Description
Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.
Published: 2026-05-12
Score: 5.4 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An out-of-bounds read in the Windows Telnet client can be triggered by an unauthenticated attacker sending specially crafted data over the network. The flaw allows the attacker to read memory contents that should be inaccessible, thereby exposing sensitive information on the affected system. This weakness is classified as CWE-125 and results in information disclosure rather than code execution or denial of service.

Affected Systems

Microsoft Windows 10 versions 1607, 1809, 21H2, and 22H2; Windows 11 versions 22H3, 23H2, 24H2, 25H2, and 26H1; Windows Server 2012 and 2012 R2 (both Server Core installations); Windows Server 2016, 2019, 2022, and 2025 (each also as a Server Core installation); and the Server 23H2 edition (Server Core installation). The vulnerability also affects arm64 variants of Windows 11 and x64 variants of Windows 10 and Windows 11.

Risk and Exploitability

The CVSS score is 5.4, indicating moderate severity. EPSS is not available, so the exploitation likelihood is uncertain, but the lack of an EPSS score does not negate potential risk. The vulnerability is not listed in the CISA KEV catalog. An attacker can exploit it by connecting over the network to the Telnet service, delivering malicious input, and observing leaked data. Because the flaw requires only network access and no elevated privileges, any device running a vulnerable Telnet client on a reachable network is potentially at risk.

Generated by OpenCVE AI on May 12, 2026 at 20:10 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any available Microsoft security update that addresses CVE-2026-35423.
  • Disable or uninstall the Windows Telnet client if it is not required.
  • Restrict network access to the Telnet service by using firewalls or network segmentation to prevent unauthenticated inbound connections.



Advisories

No advisories yet.

History

Tue, 12 May 2026 20:15:00 +0000

Values Removed: (none)
Values Added:

Metrics: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 12 May 2026 17:30:00 +0000

Values Removed: (none)
Values Added:

Description: Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.
Title: Windows 11 Telnet Client Information Disclosure Vulnerability
First Time appeared:
  Microsoft
  Microsoft windows 10 1607
  Microsoft windows 10 1809
  Microsoft windows 10 21h2
  Microsoft windows 10 22h2
  Microsoft windows 11 23h2
  Microsoft windows 11 24h2
  Microsoft windows 11 25h2
  Microsoft windows 11 26h1
  Microsoft windows Server 2012
  Microsoft windows Server 2012 R2
  Microsoft windows Server 2016
  Microsoft windows Server 2019
  Microsoft windows Server 2022
  Microsoft windows Server 2025
  Microsoft windows Server 23h2
Weaknesses: CWE-125
CPEs:
  cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
  cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
  cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*
  cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*
  cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*
  cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*
  cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
  cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
  cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*
  cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
  cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
  cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*
Vendors & Products:
  Microsoft
  Microsoft windows 10 1607
  Microsoft windows 10 1809
  Microsoft windows 10 21h2
  Microsoft windows 10 22h2
  Microsoft windows 11 23h2
  Microsoft windows 11 24h2
  Microsoft windows 11 25h2
  Microsoft windows 11 26h1
  Microsoft windows Server 2012
  Microsoft windows Server 2012 R2
  Microsoft windows Server 2016
  Microsoft windows Server 2019
  Microsoft windows Server 2022
  Microsoft windows Server 2025
  Microsoft windows Server 23h2
References:
Metrics: cvssV3_1 {'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-05-12T19:47:09.442Z

Reserved: 2026-04-02T19:21:11.804Z

Link: CVE-2026-35423

Vulnrichment

Updated: 2026-05-12T19:47:03.581Z

NVD

Status: Received

Published: 2026-05-12T18:17:13.077

Modified: 2026-05-12T18:17:13.077

Link: CVE-2026-35423

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T20:15:24Z

Weaknesses