EUVD-2026-22589
Protection Mechanism Failure (CWE-693)
GHSA-x62h-w968-3v9v
4.3
CVSS 3.1 · NVD
Temporal: 3.8
Share
Severity by source
NVD
PRIMARY
4.3
MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CIRCL (temporal)
3.8
LOW
cvss
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Lifecycle Timeline
8
Added to CISA KEV
Apr 28, 2026 - 21:47 cisa
CISA KEV
PoC Detected
Apr 28, 2026 - 21:47 vuln.today
Public exploit code
Added to CISA KEV
Apr 28, 2026 - 17:32 CISA
Analysis Generated
Apr 14, 2026 - 19:41 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22589
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:57 nvd
MEDIUM 4.3
DescriptionCVE.org
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
Articles & Coverage 1
AnalysisAI
Windows Shell protection mechanism failure (CVE-2026-32202) allows remote attackers to perform spoofing attacks over a network without authentication, requiring only user interaction. This low-severity vulnerability affects multiple Windows versions from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through 2025. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Access
Send crafted network content
Delivery
User interacts with shell
Exploit
Validation mechanism fails
Execution
Spoofed identity accepted
Impact
Information disclosure or trust abuse
Access
Send crafted network content
Delivery
User interacts with shell
Exploit
Validation mechanism fails
Execution
Spoofed identity accepted
Impact
Information disclosure or trust abuse
Vulnerability AssessmentAI
| Risk Assessment | This vulnerability presents a moderate real-world risk despite its low CVSS score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts malicious content (such as specially formatted files, network resources, or shortcuts) that exploits the shell's failed validation mechanisms. When a user interacts with this content through Windows Explorer or related shell interfaces-such as browsing a network share, opening a downloaded file, or previewing content-the shell fails to properly validate the authenticity or source of the item. … |
| Remediation | Vendor-released patch available per Microsoft Security Response Center. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).