Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.Referenceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21197
