CVE-2026-2810
Endpoint DLP Module Out-of-Bounds Read in Netskope Client
Publication date: 2026-04-29
Last updated on: 2026-04-29
Assigner: Netskope
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| netskope | netskope_client | to R136.1 (exc) |
| netskope | netskope_client | R129.1.8 |
| netskope | netskope_client | R132.0.23 |
| netskope | netskope_client | R135.1.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Endpoint Data Loss Prevention (DLP) Module of the Netskope Client on Windows systems. It allows an unprivileged user to trigger an out-of-bounds read within a driver, which can cause the system to crash with a Blue Screen of Death (BSOD).
Exploitation requires that the Endpoint DLP module is enabled in the client configuration.
How can this vulnerability impact me?
Successful exploitation of this vulnerability can lead to a denial-of-service condition on the affected local machine by causing a Blue Screen of Death (BSOD). This means the system will crash and become temporarily unusable.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There is no specific information provided about detection methods or commands to identify this vulnerability on your network or system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should apply the security patches released by Netskope. These patches include versions R136.1 and above, as well as backported versions R129.1.8, R132.0.23, and R135.1.0.
No workarounds are currently available, so patching is the recommended immediate action.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.