cve 2026 20821

CVE-2026-20821 is a confirmed information-disclosure vulnerability in the Windows Remote Procedure Call (RPC) subsystem. It allows a local, unauthorized actor to obtain sensitive memory or system information when the vulnerable RPC runtime is invoked. RPC is a foundational Windows mechanism that enables processes and services to invoke procedures across process and machine boundaries, underpinning authentication, service control, and many other system functions. This tag covers discussions about the vulnerability's impact, affected Windows versions, and available patches. Users seeking guidance on mitigating CVE-2026-20821 will find technical details and step-by-step patch instructions in the tagged content.