194 matches found
CVE-2026-27906
Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally...
CVE-2026-27928
Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network...
EUVD-2026-22481
Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network...
EUVD-2026-22444
Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally...
CVE-2026-27928
Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-27906
Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally...
CVE-2026-27928
CVE-2026-27928 is a Windows Hello security feature bypass vulnerability. The initial sources describe improper input validation in Windows Hello that allows an unauthenticated attacker to bypass a security feature over a network (attack vector: network; user interaction: none). The CVSS 3.1 base ...
CVE-2026-27928 Windows Hello Security Feature Bypass Vulnerability
...
CVE-2026-27928 Windows Hello Security Feature Bypass Vulnerability
...
CVE-2026-27906 Windows Hello Security Feature Bypass Vulnerability
...
CVE-2026-27906
Summary: CVE-2026-27906 (Windows Hello) is a local security feature bypass caused by improper input validation, enabling an authenticated user with high privileges to bypass a security feature. The vulnerability affects Windows Hello components and has an indicative CVSSv3.1 base score of 4.4 (At...
CVE-2026-27906 Windows Hello Security Feature Bypass Vulnerability
...
Windows Hello Security Feature Bypass Vulnerability
Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally...
Windows Hello Security Feature Bypass Vulnerability
Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network...
PT-2026-32790
CVE-2026-27928 | Microsoft Windows Server 2016 | Vulnerability Description Improper input validation in Windows Hello allows unauth attackers to bypass a security feature over a network by sending malformed input, enabling unauthorized access to protected functionality. Severity: High Exploitatio...
Microsoft Windows Hello 输入验证错误漏洞
Microsoft Windows Hello is a biometric login method provided by Microsoft Corporation in the United States. It allows users to log in using their face, fingerprint, or PIN. There is an input validation vulnerability in Microsoft Windows Hello. Attackers can exploit this vulnerability to bypass...
Microsoft Windows Hello 输入验证错误漏洞
Microsoft Windows Hello is a biometric login method provided by the American company Microsoft. It allows users to log in using their face, fingerprint, or PIN. There is an input validation vulnerability in Microsoft Windows Hello. Attackers can exploit this vulnerability to bypass certain...
PT-2026-32768
Name of the Vulnerable Software and Affected Versions Windows Hello affected versions not specified Description Improper input validation allows an authorized attacker to bypass a security feature locally, which can affect the system. Recommendations At the moment, there is no information about a...
March 2, 2026—KB5082314 (OS Build 20348.4776) Out-of-band
March 2, 2026—KB5082314 OS Build 20348.4776 Out-of-band This out-of-band update for Windows Server 2022 KB5082314 is cumulative. It includes updates from previous security updates, along with an additional fix. To learn more about differences between security updates, optional non-security previe...
CVE-2026-20852
Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally...