CVE-2026-12166
A NULL pointer dereference vulnerability for driver `GFAC_Sys_x64.sys` in Little Orbit GFAC allows a local attacker to cause a denial of ser
CVSS
5.5
Medium
EPSS
0.2%
p7
KEV
—
Exploit Today
2
0-100
Published: Jul 2, 2026 · Last modified: Jul 2, 2026
0.2%EPSS · 30 days0.2%
2026-07-032026-07-17
A NULL pointer dereference vulnerability for driver `GFAC_Sys_x64.sys` in Little Orbit GFAC allows a local attacker to cause a denial of service via crafted requests that trigger a system crash.
No related CVEs by CWE or product.