Vulnerability-Lookup

MSRC_CVE-2026-21265

Vulnerability from csaf_microsoft - Published: 2026-01-13 08:00 - Updated: 2026-01-13 08:00

Summary

Secure Boot Certificate Expiration Security Feature Bypass Vulnerability

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Customer Action

Required. The vulnerability documented by this CVE requires customer action to resolve.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Microsoft"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      },
      {
        "category": "general",
        "text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
        "title": "Customer Action"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2026-21265 Secure Boot Certificate Expiration Security Feature Bypass Vulnerability - HTML",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21265"
      },
      {
        "category": "self",
        "summary": "CVE-2026-21265 Secure Boot Certificate Expiration Security Feature Bypass Vulnerability - CSAF",
        "url": "https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-21265.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Exploitability Index",
        "url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Secure Boot Certificate Expiration Security Feature Bypass Vulnerability",
    "tracking": {
      "current_release_date": "2026-01-13T08:00:00.000Z",
      "generator": {
        "date": "2026-01-13T18:03:51.625Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2026-21265",
      "initial_release_date": "2026-01-13T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-01-13T08:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.17763.8276",
            "product": {
              "name": "Windows 10 Version 1809 for 32-bit Systems \u003c10.0.17763.8276",
              "product_id": "21"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.17763.8276",
            "product": {
              "name": "Windows 10 Version 1809 for 32-bit Systems 10.0.17763.8276",
              "product_id": "11568"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 10 Version 1809 for 32-bit Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.17763.8276",
            "product": {
              "name": "Windows 10 Version 1809 for x64-based Systems \u003c10.0.17763.8276",
              "product_id": "20"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.17763.8276",
            "product": {
              "name": "Windows 10 Version 1809 for x64-based Systems 10.0.17763.8276",
              "product_id": "11569"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 10 Version 1809 for x64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.17763.8276",
            "product": {
              "name": "Windows Server 2019 \u003c10.0.17763.8276",
              "product_id": "19"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.17763.8276",
            "product": {
              "name": "Windows Server 2019 10.0.17763.8276",
              "product_id": "11571"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2019"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.17763.8276",
            "product": {
              "name": "Windows Server 2019 (Server Core installation) \u003c10.0.17763.8276",
              "product_id": "18"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.17763.8276",
            "product": {
              "name": "Windows Server 2019 (Server Core installation) 10.0.17763.8276",
              "product_id": "11572"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2019 (Server Core installation)"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.20348.4648",
            "product": {
              "name": "Windows Server 2022 \u003c10.0.20348.4648",
              "product_id": "17"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.20348.4648",
            "product": {
              "name": "Windows Server 2022 10.0.20348.4648",
              "product_id": "11923"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2022"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.20348.4648",
            "product": {
              "name": "Windows Server 2022 (Server Core installation) \u003c10.0.20348.4648",
              "product_id": "16"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.20348.4648",
            "product": {
              "name": "Windows Server 2022 (Server Core installation) 10.0.20348.4648",
              "product_id": "11924"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2022 (Server Core installation)"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.19044.6809",
            "product": {
              "name": "Windows 10 Version 21H2 for 32-bit Systems \u003c10.0.19044.6809",
              "product_id": "15"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.19044.6809",
            "product": {
              "name": "Windows 10 Version 21H2 for 32-bit Systems 10.0.19044.6809",
              "product_id": "11929"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 10 Version 21H2 for 32-bit Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.19044.6809",
            "product": {
              "name": "Windows 10 Version 21H2 for ARM64-based Systems \u003c10.0.19044.6809",
              "product_id": "14"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.19044.6809",
            "product": {
              "name": "Windows 10 Version 21H2 for ARM64-based Systems 10.0.19044.6809",
              "product_id": "11930"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 10 Version 21H2 for ARM64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.19044.6809",
            "product": {
              "name": "Windows 10 Version 21H2 for x64-based Systems \u003c10.0.19044.6809",
              "product_id": "13"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.19044.6809",
            "product": {
              "name": "Windows 10 Version 21H2 for x64-based Systems 10.0.19044.6809",
              "product_id": "11931"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 10 Version 21H2 for x64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.19045.6809",
            "product": {
              "name": "Windows 10 Version 22H2 for x64-based Systems \u003c10.0.19045.6809",
              "product_id": "12"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.19045.6809",
            "product": {
              "name": "Windows 10 Version 22H2 for x64-based Systems 10.0.19045.6809",
              "product_id": "12097"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 10 Version 22H2 for x64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.19045.6809",
            "product": {
              "name": "Windows 10 Version 22H2 for ARM64-based Systems \u003c10.0.19045.6809",
              "product_id": "11"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.19045.6809",
            "product": {
              "name": "Windows 10 Version 22H2 for ARM64-based Systems 10.0.19045.6809",
              "product_id": "12098"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 10 Version 22H2 for ARM64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.19045.6809",
            "product": {
              "name": "Windows 10 Version 22H2 for 32-bit Systems \u003c10.0.19045.6809",
              "product_id": "10"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.19045.6809",
            "product": {
              "name": "Windows 10 Version 22H2 for 32-bit Systems 10.0.19045.6809",
              "product_id": "12099"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 10 Version 22H2 for 32-bit Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.26100.32230",
            "product": {
              "name": "Windows Server 2025 (Server Core installation) \u003c10.0.26100.32230",
              "product_id": "3"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.26100.32230",
            "product": {
              "name": "Windows Server 2025 (Server Core installation) 10.0.26100.32230",
              "product_id": "12437"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2025 (Server Core installation)"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.26200.7623",
            "product": {
              "name": "Windows 11 Version 25H2 for ARM64-based Systems \u003c10.0.26200.7623",
              "product_id": "2"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.26200.7623",
            "product": {
              "name": "Windows 11 Version 25H2 for ARM64-based Systems 10.0.26200.7623",
              "product_id": "20437"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 11 Version 25H2 for ARM64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.26200.7623",
            "product": {
              "name": "Windows 11 Version 25H2 for x64-based Systems \u003c10.0.26200.7623",
              "product_id": "1"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.26200.7623",
            "product": {
              "name": "Windows 11 Version 25H2 for x64-based Systems 10.0.26200.7623",
              "product_id": "20438"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 11 Version 25H2 for x64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.22631.6491",
            "product": {
              "name": "Windows 11 Version 23H2 for ARM64-based Systems \u003c10.0.22631.6491",
              "product_id": "9"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.22631.6491",
            "product": {
              "name": "Windows 11 Version 23H2 for ARM64-based Systems 10.0.22631.6491",
              "product_id": "12242"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 11 Version 23H2 for ARM64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.22631.6491",
            "product": {
              "name": "Windows 11 Version 23H2 for x64-based Systems \u003c10.0.22631.6491",
              "product_id": "8"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.22631.6491",
            "product": {
              "name": "Windows 11 Version 23H2 for x64-based Systems 10.0.22631.6491",
              "product_id": "12243"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 11 Version 23H2 for x64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.25398.2092",
            "product": {
              "name": "Windows Server 2022, 23H2 Edition (Server Core installation) \u003c10.0.25398.2092",
              "product_id": "7"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.25398.2092",
            "product": {
              "name": "Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.2092",
              "product_id": "12244"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.26100.7623",
            "product": {
              "name": "Windows 11 Version 24H2 for ARM64-based Systems \u003c10.0.26100.7623",
              "product_id": "6"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.26100.7623",
            "product": {
              "name": "Windows 11 Version 24H2 for ARM64-based Systems 10.0.26100.7623",
              "product_id": "12389"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 11 Version 24H2 for ARM64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.26100.7623",
            "product": {
              "name": "Windows 11 Version 24H2 for x64-based Systems \u003c10.0.26100.7623",
              "product_id": "5"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.26100.7623",
            "product": {
              "name": "Windows 11 Version 24H2 for x64-based Systems 10.0.26100.7623",
              "product_id": "12390"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 11 Version 24H2 for x64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.26100.32230",
            "product": {
              "name": "Windows Server 2025 \u003c10.0.26100.32230",
              "product_id": "4"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.26100.32230",
            "product": {
              "name": "Windows Server 2025 10.0.26100.32230",
              "product_id": "12436"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2025"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.14393.8783",
            "product": {
              "name": "Windows 10 Version 1607 for 32-bit Systems \u003c10.0.14393.8783",
              "product_id": "24"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.14393.8783",
            "product": {
              "name": "Windows 10 Version 1607 for 32-bit Systems 10.0.14393.8783",
              "product_id": "10852"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 10 Version 1607 for 32-bit Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.14393.8783",
            "product": {
              "name": "Windows 10 Version 1607 for x64-based Systems \u003c10.0.14393.8783",
              "product_id": "23"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.14393.8783",
            "product": {
              "name": "Windows 10 Version 1607 for x64-based Systems 10.0.14393.8783",
              "product_id": "10853"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 10 Version 1607 for x64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.14393.8783",
            "product": {
              "name": "Windows Server 2016 \u003c10.0.14393.8783",
              "product_id": "25"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.14393.8783",
            "product": {
              "name": "Windows Server 2016 10.0.14393.8783",
              "product_id": "10816"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2016"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.14393.8783",
            "product": {
              "name": "Windows Server 2016 (Server Core installation) \u003c10.0.14393.8783",
              "product_id": "22"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.14393.8783",
            "product": {
              "name": "Windows Server 2016 (Server Core installation) 10.0.14393.8783",
              "product_id": "10855"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2016 (Server Core installation)"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c6.2.9200.25868",
            "product": {
              "name": "Windows Server 2012 \u003c6.2.9200.25868",
              "product_id": "29"
            }
          },
          {
            "category": "product_version",
            "name": "6.2.9200.25868",
            "product": {
              "name": "Windows Server 2012 6.2.9200.25868",
              "product_id": "10378"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2012"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c6.2.9200.25868",
            "product": {
              "name": "Windows Server 2012 (Server Core installation) \u003c6.2.9200.25868",
              "product_id": "28"
            }
          },
          {
            "category": "product_version",
            "name": "6.2.9200.25868",
            "product": {
              "name": "Windows Server 2012 (Server Core installation) 6.2.9200.25868",
              "product_id": "10379"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2012 (Server Core installation)"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c6.3.9600.22968",
            "product": {
              "name": "Windows Server 2012 R2 \u003c6.3.9600.22968",
              "product_id": "27"
            }
          },
          {
            "category": "product_version",
            "name": "6.3.9600.22968",
            "product": {
              "name": "Windows Server 2012 R2 6.3.9600.22968",
              "product_id": "10483"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2012 R2"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c6.3.9600.22968",
            "product": {
              "name": "Windows Server 2012 R2 (Server Core installation) \u003c6.3.9600.22968",
              "product_id": "26"
            }
          },
          {
            "category": "product_version",
            "name": "6.3.9600.22968",
            "product": {
              "name": "Windows Server 2012 R2 (Server Core installation) 6.3.9600.22968",
              "product_id": "10543"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2012 R2 (Server Core installation)"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-21265",
      "notes": [
        {
          "category": "general",
          "text": "Microsoft",
          "title": "Assigning CNA"
        },
        {
          "category": "faq",
          "text": "An attacker who successfully exploited this vulnerability could bypass Secure Boot.",
          "title": "What kind of security feature could be bypassed by successfully exploiting this vulnerability?"
        },
        {
          "category": "faq",
          "text": "To understand more about Windows Secure Boot and the importance of taking immediate action to renew your certificates see Windows Secure Boot certificate expiration and CA updates.\nSee also the following links for the actions you need to take based on your Windows device:\nWindows devices for home users, businesses, and schools with Microsoft-managed updates, Windows devices with IT-managed updates, Secure Boot FAQs can be found here: Secure Boot FAQs",
          "title": "Where can I find more information about Windows Secure Boot certificate expiration?"
        },
        {
          "category": "faq",
          "text": "Successful exploitation of this vulnerability requires an attacker to have a deep understanding of the system and the ability to manipulate its components to trigger a specific condition. Successful exploitation is not guaranteed and depends on a combination of factors that may include the environment, system configuration, and the presence of additional security measures.",
          "title": "According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?"
        }
      ],
      "product_status": {
        "fixed": [
          "10378",
          "10379",
          "10483",
          "10543",
          "10816",
          "10852",
          "10853",
          "10855",
          "11568",
          "11569",
          "11571",
          "11572",
          "11923",
          "11924",
          "11929",
          "11930",
          "11931",
          "12097",
          "12098",
          "12099",
          "12242",
          "12243",
          "12244",
          "12389",
          "12390",
          "12436",
          "12437",
          "20437",
          "20438"
        ],
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21265 Secure Boot Certificate Expiration Security Feature Bypass Vulnerability - HTML",
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21265"
        },
        {
          "category": "self",
          "summary": "CVE-2026-21265 Secure Boot Certificate Expiration Security Feature Bypass Vulnerability - CSAF",
          "url": "https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-21265.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "10.0.17763.8276:Security Update:https://support.microsoft.com/help/5073723",
          "product_ids": [
            "21",
            "20",
            "19",
            "18"
          ],
          "url": "https://support.microsoft.com/help/5073723"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "10.0.20348.4648:Security Update:https://support.microsoft.com/help/5073457",
          "product_ids": [
            "17",
            "16"
          ],
          "url": "https://support.microsoft.com/help/5073457"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "10.0.19044.6809:Security Update:https://support.microsoft.com/help/5073724",
          "product_ids": [
            "15",
            "14",
            "13"
          ],
          "url": "https://support.microsoft.com/help/5073724"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "10.0.19045.6809:Security Update:https://support.microsoft.com/help/5073724",
          "product_ids": [
            "12",
            "11",
            "10"
          ],
          "url": "https://support.microsoft.com/help/5073724"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "10.0.26100.32230:Security Update:https://support.microsoft.com/en-us/topic/a6021fd2-b3b7-45a7-b68e-35c28a2a77da",
          "product_ids": [
            "3",
            "4"
          ],
          "url": "https://support.microsoft.com/en-us/topic/a6021fd2-b3b7-45a7-b68e-35c28a2a77da"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "10.0.26200.7623:Security Update:https://support.microsoft.com/help/5074109",
          "product_ids": [
            "2",
            "1"
          ],
          "url": "https://support.microsoft.com/help/5074109"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "10.0.22631.6491:Security Update:https://support.microsoft.com/help/5073455",
          "product_ids": [
            "9",
            "8"
          ],
          "url": "https://support.microsoft.com/help/5073455"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "10.0.25398.2092:Security Update:https://support.microsoft.com/help/5073450",
          "product_ids": [
            "7"
          ],
          "url": "https://support.microsoft.com/help/5073450"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "10.0.26100.7623:Security Update:https://support.microsoft.com/help/5074109",
          "product_ids": [
            "6",
            "5"
          ],
          "url": "https://support.microsoft.com/help/5074109"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "10.0.14393.8783:Security Update:https://support.microsoft.com/help/5073722",
          "product_ids": [
            "24",
            "23",
            "25",
            "22"
          ],
          "url": "https://support.microsoft.com/help/5073722"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "6.2.9200.25868:Monthly Rollup:https://support.microsoft.com/help/5073698",
          "product_ids": [
            "29",
            "28"
          ],
          "url": "https://support.microsoft.com/help/5073698"
        },
        {
          "category": "vendor_fix",
          "date": "2026-01-13T08:00:00.000Z",
          "details": "6.3.9600.22968:Monthly Rollup:https://support.microsoft.com/help/5073696",
          "product_ids": [
            "27",
            "26"
          ],
          "url": "https://support.microsoft.com/help/5073696"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalsScore": 0.0,
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 5.6,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Security Feature Bypass"
        },
        {
          "category": "exploit_status",
          "details": "Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely"
        }
      ],
      "title": "Secure Boot Certificate Expiration Security Feature Bypass Vulnerability"
    }
  ]
}

CVE-2026-21265 (GCVE-0-2026-21265)

Vulnerability from cvelistv5 – Published: 2026-01-13 17:56 – Updated: 2026-01-14 19:28

Title

Secure Boot Certificate Expiration Security Feature Bypass Vulnerability

Summary

Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes related to Windows boot manager or Secure Boot. The operating system’s certificate update protection mechanism relies on firmware components that might contain defects, which can cause certificate trust updates to fail or behave unpredictably. This leads to potential disruption of the Secure Boot trust chain and requires careful validation and deployment to restore intended security guarantees. Certificate Authority (CA) Location Purpose Expiration Date Microsoft Corporation KEK CA 2011 KEK Signs updates to the DB and DBX 06/24/2026 Microsoft Corporation UEFI CA 2011 DB Signs 3rd party boot loaders, Option ROMs, etc. 06/27/2026 Microsoft Windows Production PCA 2011 DB Signs the Windows Boot Manager 10/19/2026 For more information see this CVE and Windows Secure Boot certificate expiration and CA updates.

Severity ?

6.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE

CWE-1329 - - Reliance on Component That is Not Updateable

Assigner

microsoft

References

URL

Tags

https://msrc.microsoft.com/update-guide/vulnerabi…

vendor-advisorypatch

Impacted products

Vendor

Product

Version

Microsoft

Windows 10 Version 1809

Affected: 10.0.17763.0 , < 10.0.17763.8276 (custom)

Microsoft	Windows Server 2019	Affected: 10.0.17763.0 , < 10.0.17763.8276 (custom)
Microsoft	Windows Server 2019 (Server Core installation)	Affected: 10.0.17763.0 , < 10.0.17763.8276 (custom)
Microsoft	Windows Server 2022	Affected: 10.0.20348.0 , < 10.0.20348.4648 (custom)
Microsoft	Windows 10 Version 21H2	Affected: 10.0.19044.0 , < 10.0.19044.6809 (custom)
Microsoft	Windows 10 Version 22H2	Affected: 10.0.19045.0 , < 10.0.19045.6809 (custom)
Microsoft	Windows Server 2025 (Server Core installation)	Affected: 10.0.26100.0 , < 10.0.26100.32230 (custom)
Microsoft	Windows 11 Version 25H2	Affected: 10.0.26200.0 , < 10.0.26200.7623 (custom)
Microsoft	Windows 11 version 22H3	Affected: 10.0.22631.0 , < 10.0.22631.6491 (custom)
Microsoft	Windows 11 Version 23H2	Affected: 10.0.22631.0 , < 10.0.22631.6491 (custom)
Microsoft	Windows Server 2022, 23H2 Edition (Server Core installation)	Affected: 10.0.25398.0 , < 10.0.25398.2092 (custom)
Microsoft	Windows 11 Version 24H2	Affected: 10.0.26100.0 , < 10.0.26100.7623 (custom)
Microsoft	Windows Server 2025	Affected: 10.0.26100.0 , < 10.0.26100.32230 (custom)
Microsoft	Windows 10 Version 1607	Affected: 10.0.14393.0 , < 10.0.14393.8783 (custom)
Microsoft	Windows Server 2016	Affected: 10.0.14393.0 , < 10.0.14393.8783 (custom)
Microsoft	Windows Server 2016 (Server Core installation)	Affected: 10.0.14393.0 , < 10.0.14393.8783 (custom)
Microsoft	Windows Server 2012	Affected: 6.2.9200.0 , < 6.2.9200.25868 (custom)
Microsoft	Windows Server 2012 (Server Core installation)	Affected: 6.2.9200.0 , < 6.2.9200.25868 (custom)
Microsoft	Windows Server 2012 R2	Affected: 6.3.9600.0 , < 6.3.9600.22968 (custom)
Microsoft	Windows Server 2012 R2 (Server Core installation)	Affected: 6.3.9600.0 , < 6.3.9600.22968 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21265",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-14T04:57:08.255762Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-14T19:28:58.114Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.8276",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.8276",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.8276",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.4648",
              "status": "affected",
              "version": "10.0.20348.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.6809",
              "status": "affected",
              "version": "10.0.19044.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.6809",
              "status": "affected",
              "version": "10.0.19045.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.32230",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Windows 11 Version 25H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26200.7623",
              "status": "affected",
              "version": "10.0.26200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 22H3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.6491",
              "status": "affected",
              "version": "10.0.22631.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 23H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.6491",
              "status": "affected",
              "version": "10.0.22631.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.25398.2092",
              "status": "affected",
              "version": "10.0.25398.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 24H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.7623",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.32230",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.8783",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.8783",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.8783",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.25868",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.25868",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.22968",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.22968",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.17763.8276",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.8276",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.8276",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.4648",
                  "versionStartIncluding": "10.0.20348.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19044.6809",
                  "versionStartIncluding": "10.0.19044.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.19045.6809",
                  "versionStartIncluding": "10.0.19045.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.32230",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26200.7623",
                  "versionStartIncluding": "10.0.26200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.22631.6491",
                  "versionStartIncluding": "10.0.22631.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.22631.6491",
                  "versionStartIncluding": "10.0.22631.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.25398.2092",
                  "versionStartIncluding": "10.0.25398.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26100.7623",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.32230",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.14393.8783",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.8783",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.8783",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.25868",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.25868",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.22968",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.22968",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-01-13T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes related to Windows boot manager or Secure Boot.\nThe operating system\u2019s certificate update protection mechanism relies on firmware components that might contain defects, which can cause certificate trust updates to fail or behave unpredictably. This leads to potential disruption of the Secure Boot trust chain and requires careful validation and deployment to restore intended security guarantees.\n\n\n\nCertificate Authority (CA)\nLocation\nPurpose\nExpiration Date\n\n\n\n\nMicrosoft Corporation KEK CA 2011\nKEK\nSigns updates to the DB and DBX\n06/24/2026\n\n\nMicrosoft Corporation UEFI CA 2011\nDB\nSigns 3rd party boot loaders, Option ROMs, etc.\n06/27/2026\n\n\nMicrosoft Windows Production PCA 2011\nDB\nSigns the Windows Boot Manager\n10/19/2026\n\n\n\nFor more information see this CVE and Windows Secure Boot certificate expiration and CA updates."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1329",
              "description": "CWE-1329 - Reliance on Component That is Not Updateable",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-13T18:03:52.015Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Secure Boot Certificate Expiration Security Feature Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21265"
        }
      ],
      "title": "Secure Boot Certificate Expiration Security Feature Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-21265",
    "datePublished": "2026-01-13T17:56:04.224Z",
    "dateReserved": "2025-12-11T21:02:05.738Z",
    "dateUpdated": "2026-01-14T19:28:58.114Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

MSRC_CVE-2026-21265

CVE-2026-21265 (GCVE-0-2026-21265)

Tags

Sightings

Nomenclature