| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2026-45585 | Windows BitLocker Security Feature Bypass Vulnerability | Windows 11, Windows Server | Important | 01-07-2026 |
Technical Information
An unauthenticated attacker with physical access to the target device could exploit command injection by placing specially crafted files on a USB drive or EFI partition and booting into the Windows Recovery Environment (WinRE), can trigger a command shell with unrestricted access to encrypted BitLocker-protected drives.
Patch release date: Jun 09, 2026
Further information on this vulnerability is available at : CVE-2026-45585
Affected Software
Windows 11 version 26H1 for x64-based Systems,Windows 11 Version 24H2 for x64-based Systems,
Windows 11 Version 25H2 for x64-based Systems,
Windows Server 2025,
Windows Server 2025 (Server Core installation)