CVE-2026-45655

Published Jun 9, 2026

Last updated 19 hours ago

CVSS medium 5.3

Overview

AI description

Automated description summarized from trusted sources.

CVE-2026-45655 is identified as a Windows BitLocker security feature bypass vulnerability, disclosed by Microsoft in its June 9, 2026 Security Update Guide. This vulnerability was part of a significant Patch Tuesday release that included numerous other fixes related to boot, Secure Boot, UEFI, and BitLocker for supported Windows systems. Exploitation of CVE-2026-45655 is considered easy and requires an attacker to have physical access to the target device. A successful exploit could allow an attacker to bypass the BitLocker Device Encryption feature on the system's storage, potentially granting access to encrypted data without requiring authentication.

Description
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
Source
secure@microsoft.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
5.3
Impact score
4
Exploitability score
0.9
Vector string
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Severity
MEDIUM

Weaknesses

secure@microsoft.com
CWE-693

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

9

  1. 10 Secure Boot & BitLocker bypasses I reported are fixed in today's Patch Tuesday: CVE-2026-45588, CVE-2026-45654, CVE-2026-45655, CVE-2026-45656, CVE-2026-48568, CVE-2026-48570, CVE-2026-48573, CVE-2026-48575, CVE-2026-48576, CVE-2026-48578 Advisory: https://t.co/NkC6qGL9

    @alon_leviev

    9 Jun 2026

    4726 Impressions

    13 Retweets

    68 Likes

    12 Bookmarks

    2 Replies

    0 Quotes

References

Sources include official advisories and independent security research.