Improper access control in Windows and Windows Server - CVE-2026-49783
Published: July 17, 2026
Windows
Windows Server
Detailed vulnerability description
The vulnerability allows a local user to bypass a security feature.
The vulnerability exists due to improper access control in Windows Secure Boot when performing security checks for standard boot conditions. A local user can exploit the flawed security check to bypass a security feature.
The vulnerability could allow Secure Boot to be bypassed.