TopVuln

Details

CVSS v3

8.8

NVD published

2026-02-10 18:16:33

CISA date

2026-02-10

EPSS

2.9% probability · 86.2th percentile — 2026-03-21

Affected versions

cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*

Summary

Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

Remediation

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Exploit info

No exploit-tagged NVD references in our cache; see the CISA KEV link below.