CVE-2026-8863

HIGH 7.8

CVE-2026-8863

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.

Vendor	oracle corporation
Product	oraclelinux(7.2) shim
Published	Jun 9, 2026
Last Updated	Jun 9, 2026

Stay Ahead of the Next One

Get instant alerts for oracle corporation oraclelinux(7.2) shim

Be the first to know when new high vulnerabilities affecting oracle corporation oraclelinux(7.2) shim are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Oracle Corporation / OracleLinux(7.2) shim

0.9

PC-Doctor / Service Center Enterprise

14 ≤ 17.0.7536.900

PC-Doctor / Service Center Drive Erase

15 ≤ 17.0.7538.592

PC-Doctor / Service Center Japan

15 ≤ 17.0.7539.904

PC-Doctor / Service Center

14 ≤ 17.0.7535.900

PC-Doctor / Network Factory for Linux (Bootable Diagnostics)

6.9 ≤ 6.20.7711.267

PC-Doctor / Factory for Linux (Bootable Diagnostics)

6.9 ≤ 6.20.7710.267

Spyrus / WTGCreator

4.2

Blancco UK / WhiteCanyon WipeDrive

8.0.0 ≤ 8.1.3

Baramundi Software / Baramundi Management Suite

* ≤ 2024R1

Finland Matriculation Board / Abitti 1

1.0.0

NTC IT ROSA LLC / RosaLinux

R10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

msrc.microsoft.com: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8863 kb.cert.org: https://kb.cert.org/vuls/id/616257 kb.cert.org: https://www.kb.cert.org/vuls/id/616257

Credits

Thanks to Martin Smolar of ESET for discovering and reporting this vulnerability