← All CVEs

CVE-2026-8863

HIGH 7.8

Published 2026-06-09 · Last modified 2026-06-10

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.

ELEVATED IMPACT

Severe if exploited (CVSS 7.8), but no known exploitation and low modeled probability. Patch on a normal cadence.

Exploitation likelihood

0.1%chance of exploitation in 30 days · 1st percentile

○ In CISA KEV ○ Public exploit / PoC

Impact if exploited

7.8CVSS 3.1 · HIGH

  • ConfidentialityHigh
  • IntegrityHigh
  • AvailabilityHigh

What an attacker needs

  • Access: Requires local access to the host
  • Privileges: Requires a low-privilege account
  • User interaction: No user interaction needed
  • Complexity: No special conditions — reliably repeatable

✓ lowers the bar for an attacker · ⚠ raises it

Affected

Vendors Oracle Corporation Pc Doctor Spyrus Blancco Uk Baramundi Software Suse Linux Finland Matriculation Board Ntc It Rosa Llc

Products Oraclelinux(7.2) Shim Service Center Enterprise Service Center Drive Erase Service Center Japan Service Center Network Factory For Linux (Bootable Diagnostics) Factory For Linux (Bootable Diagnostics) Wtgcreator

Weakness (CWE)

Not classified.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Sources: NVD · CVE.org · EPSS