{"cve":{"cve_id":"CVE-2026-8863","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00097,"epss_percentile":0.00941,"epss_as_of":"2026-06-23","description":"Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.","published_at":"2026-06-09T18:10:15.426000Z","last_modified_at":null,"cvss_v3_score":7.8,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss_v3_severity":"HIGH","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8863","https://kb.cert.org/vuls/id/616257"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:31:10.822903Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"baramundi-software","vendor_name":"baramundi software","product_slug":"baramundi-management-suite","product_name":"baramundi Management Suite","version_start":null,"version_start_inclusive":true,"version_end":"2024R1","version_end_inclusive":true,"cpe23_uri":"cve5:baramundi-software:baramundi-management-suite:*:2024R1"},{"vendor_slug":"blancco-uk","vendor_name":"Blancco UK","product_slug":"whitecanyon-wipedrive","product_name":"WhiteCanyon WipeDrive","version_start":"8.0.0","version_start_inclusive":true,"version_end":"8.1.3","version_end_inclusive":true,"cpe23_uri":"cve5:blancco-uk:whitecanyon-wipedrive:8.0.0:8.1.3"},{"vendor_slug":"finland-matriculation-board","vendor_name":"Finland Matriculation Board","product_slug":"abitti-1","product_name":"Abitti 1","version_start":"1.0.0","version_start_inclusive":true,"version_end":"1.0.0","version_end_inclusive":true,"cpe23_uri":"cve5:finland-matriculation-board:abitti-1:1.0.0:1.0.0"},{"vendor_slug":"ntc-it-rosa-llc","vendor_name":"NTC IT ROSA LLC","product_slug":"rosalinux","product_name":"RosaLinux","version_start":"R10","version_start_inclusive":true,"version_end":"R10","version_end_inclusive":true,"cpe23_uri":"cve5:ntc-it-rosa-llc:rosalinux:R10:R10"},{"vendor_slug":"ntc-it-rosa-llc","vendor_name":"NTC IT ROSA LLC","product_slug":"rosalinux","product_name":"RosaLinux","version_start":"R9","version_start_inclusive":true,"version_end":"R9","version_end_inclusive":true,"cpe23_uri":"cve5:ntc-it-rosa-llc:rosalinux:R9:R9"},{"vendor_slug":"oracle-corporation","vendor_name":"Oracle Corporation","product_slug":"oraclelinux-7.2-shim","product_name":"OracleLinux(7.2) shim","version_start":"0.9","version_start_inclusive":true,"version_end":"0.9","version_end_inclusive":true,"cpe23_uri":"cve5:oracle-corporation:oraclelinux-7.2-shim:0.9:0.9"},{"vendor_slug":"pc-doctor","vendor_name":"PC-Doctor","product_slug":"factory-for-linux-bootable-diagnostics","product_name":"Factory for Linux (Bootable Diagnostics)","version_start":"6.9","version_start_inclusive":true,"version_end":"6.20.7710.267","version_end_inclusive":true,"cpe23_uri":"cve5:pc-doctor:factory-for-linux-bootable-diagnostics:6.9:6.20.7710.267"},{"vendor_slug":"pc-doctor","vendor_name":"PC-Doctor","product_slug":"network-factory-for-linux-bootable-diagnostics","product_name":"Network Factory for Linux (Bootable Diagnostics)","version_start":"6.9","version_start_inclusive":true,"version_end":"6.20.7711.267","version_end_inclusive":true,"cpe23_uri":"cve5:pc-doctor:network-factory-for-linux-bootable-diagnostics:6.9:6.20.7711.267"},{"vendor_slug":"pc-doctor","vendor_name":"PC-Doctor","product_slug":"service-center","product_name":"Service Center","version_start":"14","version_start_inclusive":true,"version_end":"17.0.7535.900","version_end_inclusive":true,"cpe23_uri":"cve5:pc-doctor:service-center:14:17.0.7535.900"},{"vendor_slug":"pc-doctor","vendor_name":"PC-Doctor","product_slug":"service-center-drive-erase","product_name":"Service Center Drive Erase","version_start":"15","version_start_inclusive":true,"version_end":"17.0.7538.592","version_end_inclusive":true,"cpe23_uri":"cve5:pc-doctor:service-center-drive-erase:15:17.0.7538.592"},{"vendor_slug":"pc-doctor","vendor_name":"PC-Doctor","product_slug":"service-center-enterprise","product_name":"Service Center Enterprise","version_start":"14","version_start_inclusive":true,"version_end":"17.0.7536.900","version_end_inclusive":true,"cpe23_uri":"cve5:pc-doctor:service-center-enterprise:14:17.0.7536.900"},{"vendor_slug":"pc-doctor","vendor_name":"PC-Doctor","product_slug":"service-center-japan","product_name":"Service Center Japan","version_start":"15","version_start_inclusive":true,"version_end":"17.0.7539.904","version_end_inclusive":true,"cpe23_uri":"cve5:pc-doctor:service-center-japan:15:17.0.7539.904"},{"vendor_slug":"spyrus","vendor_name":"Spyrus","product_slug":"wtgcreator","product_name":"WTGCreator","version_start":"4.2","version_start_inclusive":true,"version_end":"4.2","version_end_inclusive":true,"cpe23_uri":"cve5:spyrus:wtgcreator:4.2:4.2"},{"vendor_slug":"suse-linux","vendor_name":"SUSE Linux","product_slug":"opensuse-shim","product_name":"OpenSUSE shim","version_start":"0.9","version_start_inclusive":true,"version_end":"0.9","version_end_inclusive":true,"cpe23_uri":"cve5:suse-linux:opensuse-shim:0.9:0.9"}],"exploit_refs":[],"news":[],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8863","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://kb.cert.org/vuls/id/616257","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2026-06-09T18:10:15.426000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:56:22.639448Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:56:22.639448Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:56:22.639448Z","label":"CVSS score revised","source":"cvelistv5"}]}