ThreatCluster

Multiple CVEs Affect Windows Virtualization-Based Security (VBS) Enclave

First seen 13 Jan 2026, 20:07 UTC Api.Msrc.Microsoft 88% similarity 49

Article Content

Browse articles
ThreatCluster

Four vulnerabilities have been identified in Windows Virtualization-Based Security (VBS) Enclave, allowing both authorized and unauthorized attackers to disclose information or elevate privileges locally. The vulnerabilities include untrusted pointer dereferences and a heap-based buffer overflow, impacting the security of systems utilizing VBS. Specific CVEs include CVE-2026-20819, CVE-2026-20938, CVE-2026-20876, and CVE-2026-20935.

ThreatCluster AI

Community

Browse all →