{"id":82012,"date":"2026-07-15T05:52:57","date_gmt":"2026-07-15T02:22:57","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-8919-asus-gamesdk-cross-domain-information-disclosure-vulnerability\/"},"modified":"2026-07-15T05:52:57","modified_gmt":"2026-07-15T02:22:57","slug":"cve-2026-8919-asus-gamesdk-cross-domain-information-disclosure-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-8919-asus-gamesdk-cross-domain-information-disclosure-vulnerability\/","title":{"rendered":"CVE-2026-8919 &#8211; ASUS GameSDK Cross-Domain Information Disclosure Vulnerability"},"content":{"rendered":"<p>CVE ID :CVE-2026-8919<\/p>\n<p>  Published : July 15, 2026, 2:22 a.m. | 1\u00a0hour, 8\u00a0minutes ago<\/p>\n<p>  Description :Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user\u2019s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to the application\u2019s local service endpoint. This can result in information disclosure or data tampering, may cause GameSDK to become unavailable, and may also enable access to the victim\u2019s information on other services.<br \/>\nRefer to the &#8216;\u00a0Security Update for ASUS GameSDK\u00a0\u00a0&#8216; section on the ASUS Security Advisory for more information.<\/p>\n<p>  Severity: 7.2 | HIGH<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-8919 Published : July 15, 2026, 2:22 a.m. | 1\u00a0hour, 8\u00a0minutes ago Description :Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user\u2019s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-82012","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/82012","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=82012"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/82012\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=82012"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=82012"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=82012"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}