CVE-2026-2810

Summary

Netskope was notified about a potential gap in the Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an out-of-bounds read within a driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine.

Affected Software

VendorProductVersion RangeStatus
NetskopeClient0 < 129.1.8,132.0.23,135.1.0,136.1affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds read

Workarounds

There are no direct workarounds. Some AV and EDR solutions may be able to detect behaviors associated with exploiting this vulnerability.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References