Windows Virtualization-Based Security (VBS) Enclave

CVEs (5)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2026-23670	Microsoft Windows 10 1607	Med	0.37	5.7	0.00	Apr 14, 2026	Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
CVE-2026-20935	Microsoft Windows Virtualization-Based Security (VBS) Enclave		0.00	—	0.00	Jan 13, 2026	Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.
CVE-2026-20938	Microsoft Windows Virtualization-Based Security (VBS) Enclave		0.00	—	0.00	Jan 13, 2026	Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVE-2026-20819	Microsoft Windows Virtualization-Based Security (VBS) Enclave		0.00	—	0.00	Jan 13, 2026	Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally.
CVE-2025-47159	Microsoft Windows Virtualization-Based Security (VBS) Enclave		0.00	—	0.01	Jul 8, 2025	Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

CVE-2026-23670MedApr 14, 2026
Microsoft
Windows 10 1607
risk 0.37cvss 5.7epss 0.00
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
CVE-2026-20935Jan 13, 2026
Microsoft
Windows Virtualization-Based Security (VBS) Enclave
risk 0.00cvss —epss 0.00
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.
CVE-2026-20938Jan 13, 2026
Microsoft
Windows Virtualization-Based Security (VBS) Enclave
risk 0.00cvss —epss 0.00
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVE-2026-20819Jan 13, 2026
Microsoft
Windows Virtualization-Based Security (VBS) Enclave
risk 0.00cvss —epss 0.00
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally.
CVE-2025-47159Jul 8, 2025
Microsoft
Windows Virtualization-Based Security (VBS) Enclave
risk 0.00cvss —epss 0.01
Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.