CVE-2026-58638
Windows Boot Loader Security Feature Bypass Vulnerability
Description
Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.
In plain language
AI Act nowCVE-2026-58638 is a Windows problem where a user with local access can bypass a security feature; if you only use Windows normally (no special local/admin exposure), it’s less likely, but RED means you should patch these Windows versions.
CVE-2026-58638 is a security-feature bypass in the Windows Boot Loader: a missing cryptographic check lets a local, authorized attacker bypass a security control (no user interaction required), affecting Windows 10/11 and multiple Windows Server releases.
What to do now
- Check which of these you run: windows 10, windows 11, windows server 2012, windows server 2012 r2, windows server 2016, windows server 2019, windows server 2022, windows server 2025.
- Compare your current Windows build/version against the fixed versions listed in this advisory (below in your IT ticket) for your exact OS.
- Update each affected machine to the fixed version for your platform (do this even if you believe the machine is “safe,” because the issue is in the boot loader security feature).
- If you can’t patch immediately, limit “local access” to Windows accounts (reduce who can log on to consoles/terminals) and protect physical/interactive access until updates are applied.
CVSS Vector Breakdown
AV:LAttack VectorAC:LAttack ComplexityPR:HPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:HIntegrityA:NAvailabilityWeaknesses
Affected Products
Exploitability
References
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-58638 and every CVE in our database. Create a free account — no credit card required.
Create Free Account