CVE-2026-32202
medium
KEV
CVSS v3
4.3
CVSS v2
—
VIR risk
5.8
Description
Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
CISA KEV
- Vendor
- Microsoft
- Product
- Windows
- Due date
- 2026-05-12
Predictions
Exploit likelihood
99%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cisa-kev — https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202 ; https://nvd.nist.gov/vuln/detail/CVE-2026-32202
Vendor advisory: af854a3a-2127-422b-91ae-364da2661108 — https://www.vicarius.io/vsociety/posts/cve-2026-32202-mitigation-script-spoofing-vulnerability-in-windows-shell
Vendor advisory: secure@microsoft.com — https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202
Exploits
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| windows | - | affected | |
| windows | r2 | affected | |
| windows | affected | 10.0.14393.9060 |
References
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202
- https://www.vicarius.io/vsociety/posts/cve-2026-32202-detection-script-spoofing-vulnerability-in-windows-shell
- https://www.vicarius.io/vsociety/posts/cve-2026-32202-mitigation-script-spoofing-vulnerability-in-windows-shell
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-32202
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202 ; https://nvd.nist.gov/vuln/detail/CVE-2026-32202
CWEs
CWE-693
Verify integrity in audit chain (admin only). AS-IS.