CVE-2025-59509

Medium

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.

secure@microsoft.com·CWE-201·Published 2025-11-11

CVSS

5.5

EPSS

0.01

KEV

Exploits

cve.orgen

130 chars

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.

NVDen

130 chars

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.5	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
3.1	Secondary	NVD	5.5	1.8	3.6