CVE-2025-26644

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-26644
Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.
CVSS

No CVSS.

References
Link Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26644 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
History

10 Jul 2025, 15:56

Type Values Removed Values Added
First Time Microsoft windows Server 2025
Microsoft windows 10 1809
Microsoft windows Server 2019
Microsoft windows 10 22h2
Microsoft windows 10 21h2
Microsoft windows 11 22h2
Microsoft
Microsoft windows 11 23h2
Microsoft windows 11 24h2
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26644 - () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26644 - Vendor Advisory
CVSS v2 : unknown
v3 : 5.1 		v2 : unknown
v3 : unknown
CWE CWE-1039
CPE cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*

08 Apr 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-04-08 18:15

Updated : 2025-07-10 15:56

NVD link : CVE-2025-26644

Mitre link : CVE-2025-26644

JSON object : View

Products Affected

microsoft

  • windows_10_21h2
  • windows_11_22h2
  • windows_11_24h2
  • windows_10_22h2
  • windows_11_23h2
  • windows_server_2025
  • windows_10_1809
  • windows_server_2019
CWE

No CWE.