CVE-2026-8863NVD

Vulnerability Summary

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.

Severity Level

HIGH(7.8)

Published Date

Jun 9, 2026

Last Modified

Jun 9, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.01%Probability

Root Weakness (CWE)

N/A

CVSS v3.1 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredLow

User InteractionNone

ScopeUnchanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

External References

https://kb.cert.org/vuls/id/616257
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8863
https://www.kb.cert.org/vuls/id/616257

Critical Alert

CVE Watchtower

CVE-2026-8863NVD

Vulnerability Summary

External References