<< Back
CVE Number Vulnerability Product Severity Date
CVE-2026-45585 Windows BitLocker Security Feature Bypass Vulnerability Windows 11, Windows Server Important 01-07-2026

Technical Information

An unauthenticated attacker with physical access to the target device could exploit command injection by placing specially crafted files on a USB drive or EFI partition and booting into the Windows Recovery Environment (WinRE), can trigger a command shell with unrestricted access to encrypted BitLocker-protected drives.

Patch release date: Jun 09, 2026
Further information on this vulnerability is available at : CVE-2026-45585

Affected Software

Windows 11 version 26H1 for x64-based Systems,
Windows 11 Version 24H2 for x64-based Systems,
Windows 11 Version 25H2 for x64-based Systems,
Windows Server 2025,
Windows Server 2025 (Server Core installation)