Microsoft has squashed a storage-devouring bug that could silently fill your Windows 11 drive with a single file. The company’s June 23, 2026 preview update (KB5095093) for Windows 11 versions 24H2 and 25H2 fixes an issue where the CapabilityAccessManager.db-wal system file can grow without limit—sometimes swallowing tens to hundreds of gigabytes with no warning.

For users who’ve watched their free disk space mysteriously vanish, the culprit may now have a name. And the fix is available now, ahead of next month’s mandatory Patch Tuesday rollout.

The File That Wouldn’t Stop Growing

The bug centers on a write-ahead log, officially named CapabilityAccessManager.db-wal, stored deep in the system at C:\ProgramData\Microsoft\Windows\CapabilityAccessManager\. Under normal operation, this temporary file is used by the Capability Access Manager service—the component that handles app permissions for your microphone, camera, location, and other privacy-sensitive hardware—and should never exceed a few megabytes. But due to a flaw in how the service’s SQLite database handles transactions, the log can enter a runaway state, ballooning unchecked.

Reports from early‑adopter forums and IT admins detail machines where the file topped 400 GB, triggering disk‑full warnings and system instability. In some edge cases, the file grew past 1 TB on large volumes before users noticed.

KB5095093 does two things: it corrects the database journaling logic so the .db-wal file stops growing indefinitely, and it triggers a one‑time cleanup process that automatically removes the bloated log if it’s already present. The update is classified as a preview, meaning it’s an optional, non‑security update that will be bundled into the next mandatory cumulative release (likely July 2026’s Patch Tuesday).

Should You Worry? A Practical Impact Breakdown

Home Users

If your boot SSD has felt tighter than usual lately, and you haven’t installed any new apps or media, this bug could be the reason. The CapabilityAccessManager service runs on every Windows 11 PC, so virtually every 24H2 or 25H2 device is susceptible. The file grows silently—no notification, no error dialog—until you run out of room. Symptoms include:
- Windows failing to update due to insufficient space
- Apps crashing with “disk full” errors
- Slower performance on SSDs as write amplification kicks in

IT Administrators and Power Users

In enterprise or shared environments, the problem can scale dangerously. A single remote session host or a kiosk machine with many user profiles (each firing up microphone or camera permissions) may see the WAL file explode within days. Disk monitoring tools that alert on volume usage thresholds are likely already screaming. Fortunately, the fix can be deployed via Windows Update for Business or SCCM today, and the cleanup is scriptable (more on that below).

Developers

If you’re building apps that use privacy‑sensitive APIs (e.g., AppCapability class, MediaCapture), you might have indirectly contributed to the growth by rapid‑firing permission checks. The update doesn’t change API behavior, so no code changes are needed, but local test machines may need a manual cleanup if they were bloated.

How We Got Here: The CapabilityAccessManager Backstory

Capability Access Manager first appeared in Windows 10 as part of Microsoft’s push to give users fine‑grained control over what hardware apps can access. It replaced a patchwork of registry keys and Group Policy objects with a centralized service that logs permission states in an Extensible Storage Engine (ESE) or SQLite database, depending on the Windows version. Windows 11 consolidated on SQLite, which uses a write‑ahead log (WAL) for crash recovery. Normally, the WAL file is periodically “checkpointed” back into the main database and truncated. But a regression—likely introduced in the spring 2026 cumulative update—broke that checkpoint process, leaving the file to accumulate every write operation forever.

Microsoft hasn’t publicly detailed the exact cause, but internal build notes from the release health dashboard point to “an issue where a database vacuum operation fails under certain thread‑scheduling conditions, causing the CapabilityAccessManager service to retry writes indefinitely without resetting the log.” The result is a quiet, relentless disk‑space leak.

What to Do Right Now

If you’re on Windows 11 24H2 or 25H2, follow these steps to check for the problem and apply the fix.

1. Check If You’re Affected

Open File Explorer, paste this path into the address bar, and hit Enter:
C:\ProgramData\Microsoft\Windows\CapabilityAccessManager\

Look for a file named CapabilityAccessManager.db-wal. If it’s larger than a few megabytes, you’ve been hit. Right‑click the file → Properties to see its exact size.

  • Go to SettingsWindows Update
  • Click Check for updates
  • Under “Optional updates available,” you should see 2026-06 Cumulative Update Preview for Windows 11 24H2 or 25H2 (KB5095093)
  • Install it and restart when prompted

After the reboot, the service will automatically clean up the oversized WAL file. Give it a few minutes; you can confirm the file is gone or shrunk to normal size by revisiting the path above.

3. Manual Cleanup (If You Can’t Install Yet or Need Space Urgently)

If you’re critically low on space and the update keeps failing, you can safely delete the .db-wal file manually. But you must stop the service first:

  • Run Services.msc (Win + R, type services.msc)
  • Locate Capability Access Manager Service
  • Right‑click it and select Stop
  • Now delete CapabilityAccessManager.db-wal from the folder above
  • Start the service again

Important: Deleting the file without stopping the service may cause a lock error or data corruption. Once the service restarts, it will create a fresh, empty WAL file. However, unless you’ve installed KB5095093, the file will begin growing again. So treat the manual deletion as a temporary space‑recovery measure, and install the update promptly.

4. For Enterprise Rollouts

The update is available on Windows Update for Business, WSUS, and the Microsoft Update Catalog. The standalone MSU package can be downloaded from the Catalog with the search string “KB5095093.” Group Policy or SCCM can push the update. Post‑deployment, you can use a PowerShell script to scan for and remove leftover bloat across machines:

$path = "$env:ProgramData\Microsoft\Windows\CapabilityAccessManager\CapabilityAccessManager.db-wal"
if (Test-Path $path) {
    $size = (Get-Item $path).Length / 1GB
    if ($size -gt 1) {
        Stop-Service CapabilityAccessManager -Force
        Remove-Item $path -Force
        Start-Service CapabilityAccessManager
        Write-Host "Removed a $([math]::Round($size,2)) GB WAL file on $env:COMPUTERNAME"
    }
}

Run this post‑update to clean any systems where the automatic cleanup didn’t trigger.

What’s Next: The Road to a Wider Fix

KB5095093 is a preview, meaning it contains the full fix but won’t be forced on your PC until next month’s security update (tentatively July 14, 2026). If you prefer to wait, you can—but keep an eye on your free space in the meantime. Microsoft hasn’t indicated any serious side effects from the patch, and feedback from the Windows Insider community has been clean, so early adoption appears safe.

For users still on Windows 11 23H2 or earlier, this bug doesn’t apply—those versions use a different database backend. And if you’re running Windows 10, you’re entirely in the clear.

Moving forward, expect Microsoft to add more aggressive self‑healing to the CapabilityAccessManager service in future feature updates, perhaps with a watchdog that automatically prunes the WAL if it exceeds a threshold. Until then, the June 23 preview update is the definitive fix, and we recommend you grab it before your SSD becomes a victim.