CVE-2026-2810
CWE-125Published: April 29, 2026· Updated: Apr 30, 2026
Official Description
Netskope was notified about a potential gap in the Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an out-of-bounds read within a driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine.
Technical Analysis
CVE-2026-2810 requires local access, meaning attackers must already have a foothold on the target system.
Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
CVSS v3.1 Vector Breakdown
Exploit & PoC Resources
All References (2)
Quick Facts
Related CVEs (CWE-125)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-2810 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts