VDB

CVE-2026-8863

CVE-2026-8863 PUBLISHED CVSS 7.8 HIGH

Reported by certcc · Published June 9, 2026

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.

Risk Scores

CVSS 3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Oracle CorporationOracleLinux(7.2) shim0.9
PC-DoctorService Center Enterprise14
PC-DoctorService Center Drive Erase15
PC-DoctorService Center Japan15
PC-DoctorService Center14
PC-DoctorNetwork Factory for Linux (Bootable Diagnostics)6.9
PC-DoctorFactory for Linux (Bootable Diagnostics)6.9
SpyrusWTGCreator4.2
Blancco UKWhiteCanyon WipeDrive8.0.0
baramundi softwarebaramundi Management Suite*
SUSE LinuxOpenSUSE shim0.9
Finland Matriculation BoardAbitti 11.0.0
NTC IT ROSA LLCRosaLinuxR9
NTC IT ROSA LLCRosaLinuxR10
baramundi softwarebaramundi Management Suite*
Blancco UKWhiteCanyon WipeDrive8.0.0, 8.0.0
Baramundi SoftwareBaramundi Management Suite*
Finland Matriculation BoardAbitti 11.0.0, 1.0.0
PC-DoctorService Center Japan15, 15
Oracle CorporationOracleLinux(7.2) shim0.9, 0.9

…and 8 more

Timeline

  • Jun 9, 2026 CVE Published
  • Jun 10, 2026 Coalition ESS Score
  • Jun 10, 2026 Security Advisory
  • Jun 10, 2026 Security Advisory
  • Jun 10, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›