CVE-2026-2810

EUVD-2026-26239

29.04.2026, 16:16

Netskope was notified about a potential gap in the Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an out-of-bounds read within a driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
Netskope	CNA	6.8 MEDIUM	LOCAL	LOW	LOW	CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
netskope	netskope	𝑥 < 129.1.8,132.0.23,135.1.0,136.1	CNA

Common Weakness Enumeration

CWE-125 - Out-of-bounds Read
The software reads data past the end, or before the beginning, of the intended buffer.

References

https://support.netskope.com/s/article/Netskope-Security-Advisory-NSKPSA-2026-002-Netskope-Endpoint-DLP-Driver-Security-Advisory

https://www.netskope.com/resources/netskope-resources/netskope-security-advisory-nskpsa-2026-002