Refine your search
2 vulnerabilities found for Endpoint DLP Module for Netskope Client by Netskope
CVE-2026-2809 (GCVE-0-2026-2809)
Vulnerability from cvelistv5
Published
2026-03-17 20:20
Modified
2026-03-18 19:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-190 - Integer overflow or wraparound
Summary
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Netskope | Endpoint DLP Module for Netskope Client |
Version: 0 < 132.0.20, 135 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2809",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-18T19:59:29.984901Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-18T19:59:38.332Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Endpoint DLP Module for Netskope Client",
"vendor": "Netskope",
"versions": [
{
"lessThan": "132.0.20, 135",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Endpoint DLP module must be enabled in the client configuration"
}
],
"value": "The Endpoint DLP module must be enabled in the client configuration"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Tom Brice"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine."
}
],
"impacts": [
{
"capecId": "CAPEC-92",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-92 Forced Integer Overflow"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer overflow or wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T20:26:05.545Z",
"orgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc",
"shortName": "Netskope"
},
"references": [
{
"tags": [
"vendor-advisory",
"permissions-required"
],
"url": "https://support.netskope.com/s/article/NSKPSA-2026-001-Endpoint-DLP-Driver-DLL-Injector-Integer-Overflow"
}
],
"source": {
"advisory": "NSKPSA-2026-001",
"discovery": "UNKNOWN"
},
"title": "Endpoint DLP Driver DLL",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no direct workarounds. Some AV and EDR solutions may be able to detect behaviors associated with exploiting this vulnerability."
}
],
"value": "There are no direct workarounds. Some AV and EDR solutions may be able to detect behaviors associated with exploiting this vulnerability."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc",
"assignerShortName": "Netskope",
"cveId": "CVE-2026-2809",
"datePublished": "2026-03-17T20:20:18.698Z",
"dateReserved": "2026-02-19T15:53:20.256Z",
"dateUpdated": "2026-03-18T19:59:38.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15584 (GCVE-0-2025-15584)
Vulnerability from cvelistv5
Published
2026-03-17 18:55
Modified
2026-03-18 14:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-190 - Integer overflow or wraparound
Summary
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an integer overflow within the filter communication port, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Netskope | Endpoint DLP Module for Netskope Client |
Version: 0 < 135.0.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-18T14:03:46.576435Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-18T14:04:02.449Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Endpoint DLP Module for Netskope Client",
"vendor": "Netskope",
"versions": [
{
"lessThan": "135.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Requires the Endpoint DLP module to be enabled in the client configuration."
}
],
"value": "Requires the Endpoint DLP module to be enabled in the client configuration."
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Tom Brice"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an integer overflow within the filter communication port, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an integer overflow within the filter communication port, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine."
}
],
"impacts": [
{
"capecId": "CAPEC-92",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-92 Forced Integer Overflow"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer overflow or wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T18:55:59.156Z",
"orgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc",
"shortName": "Netskope"
},
"references": [
{
"tags": [
"vendor-advisory",
"permissions-required"
],
"url": "https://support.netskope.com/s/article/NSKPSA-2025-006-Endpoint-DLP-Driver-Filter-Communication-Port-Integer-Overflow"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Endpoint DLP Driver Filter Communication Port Integer Overflow",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no direct workarounds. Some AV and EDR solutions may be able to detect the behaviors associated with exploiting this vulnerability."
}
],
"value": "There are no direct workarounds. Some AV and EDR solutions may be able to detect the behaviors associated with exploiting this vulnerability."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc",
"assignerShortName": "Netskope",
"cveId": "CVE-2025-15584",
"datePublished": "2026-03-17T18:55:59.156Z",
"dateReserved": "2026-02-18T22:27:08.617Z",
"dateUpdated": "2026-03-18T14:04:02.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}