{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T04:22:29.608","vulnerabilities":[{"cve":{"id":"CVE-2026-27906","sourceIdentifier":"secure@microsoft.com","published":"2026-04-14T18:16:56.797","lastModified":"2026-04-23T17:46:58.517","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7184","matchCriteriaId":"88A175C4-E033-4FE7-B2BF-8BAE14321BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7184","matchCriteriaId":"86DBF14A-F486-4FE7-9126-D1D54952FC6C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7184","matchCriteriaId":"C375372B-D3D4-4B11-AAD8-69AC344C24BC"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7184","matchCriteriaId":"8CE2E268-E776-4697-9E43-33ABA4CDBE05"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7184","matchCriteriaId":"269B8E88-6473-41DD-BA33-D9184B82CA58"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7184","matchCriteriaId":"FCBB431B-EF21-4454-BDA3-D8F276BE7A64"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.6936","matchCriteriaId":"B33CE091-B873-4C30-BA05-54A8C1839212"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.6936","matchCriteriaId":"E3AF28F3-D486-4B88-9E0E-371241024174"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8246","matchCriteriaId":"94EB36C7-1FF2-4B44-AD91-F3540F09393E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8246","matchCriteriaId":"14B23C3F-C8AC-491A-BCA5-EB6982C8F9E9"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8246","matchCriteriaId":"361B5DAB-8D1F-45D7-A33C-F49EBA56B5F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8246","matchCriteriaId":"ADC6CE99-AB5D-4DD5-82A9-892366C4B2FD"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.1836","matchCriteriaId":"690E74A8-E72C-47B6-96EB-37C48D69A635"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.1836","matchCriteriaId":"13A01FA1-08DC-4E33-9FFC-AB4BCD9634CA"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27906","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}}]}