{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32202", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-03-11T01:49:58.658Z", "datePublished": "2026-04-14T16:57:36.996Z", "dateUpdated": "2026-05-12T17:38:32.933Z"}, "containers": {"cna": {"title": "Windows Shell Spoofing Vulnerability", "datePublic": "2026-04-14T14:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "versionStartIncluding": "10.0.17763.0", "versionEndExcluding": "10.0.17763.8644"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.17763.0", "versionEndExcluding": "10.0.17763.8644"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.17763.0", "versionEndExcluding": "10.0.17763.8644"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.20348.0", "versionEndExcluding": "10.0.20348.5020"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "versionStartIncluding": "10.0.19044.0", "versionEndExcluding": "10.0.19044.7184"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "10.0.19045.0", "versionEndExcluding": "10.0.19045.7184"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.26100.0", "versionEndExcluding": "10.0.26100.32690"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.26200.0", "versionEndExcluding": "10.0.26200.8246"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.22631.0", "versionEndExcluding": "10.0.22631.6936"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "10.0.22631.0", "versionEndExcluding": "10.0.22631.6936"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.25398.0", "versionEndExcluding": "10.0.25398.2274"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.26100.0", "versionEndExcluding": "10.0.26100.8246"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.26100.0", "versionEndExcluding": "10.0.26100.32690"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "versionStartIncluding": "10.0.14393.0", "versionEndExcluding": "10.0.14393.9060"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.14393.0", "versionEndExcluding": "10.0.14393.9060"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.14393.0", "versionEndExcluding": "10.0.14393.9060"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionStartIncluding": "6.2.9200.0", "versionEndExcluding": "6.2.9200.26026"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "versionStartIncluding": "6.2.9200.0", "versionEndExcluding": "6.2.9200.26026"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "6.3.9600.0", "versionEndExcluding": "6.3.9600.23132"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "versionStartIncluding": "6.3.9600.0", "versionEndExcluding": "6.3.9600.23132"}, {"vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*", "versionStartIncluding": "10.0.28000.0", "versionEndExcluding": "10.0.28000.1836"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 1607", "platforms": ["32-bit Systems", "x64-based Systems"], "versions": [{"version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1809", "platforms": ["32-bit Systems", "x64-based Systems"], "versions": [{"version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 21H2", "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.19044.0", "lessThan": "10.0.19044.7184", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 22H2", "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.19045.0", "lessThan": "10.0.19045.7184", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 version 22H3", "platforms": ["ARM64-based Systems"], "versions": [{"version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 23H2", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 24H2", "platforms": ["ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.26100.0", "lessThan": "10.0.26100.8246", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 Version 25H2", "platforms": ["ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.26200.0", "lessThan": "10.0.26200.8246", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 11 version 26H1", "platforms": ["ARM64-based Systems", "x64-based Systems"], "versions": [{"version": "10.0.28000.0", "lessThan": "10.0.28000.1836", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2012", "platforms": ["x64-based Systems"], "versions": [{"version": "6.2.9200.0", "lessThan": "6.2.9200.26026", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2012 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "6.2.9200.0", "lessThan": "6.2.9200.26026", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2012 R2", "platforms": ["x64-based Systems"], "versions": [{"version": "6.3.9600.0", "lessThan": "6.3.9600.23132", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2012 R2 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "6.3.9600.0", "lessThan": "6.3.9600.23132", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2016", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2016 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2019", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2019 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2022", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.20348.0", "lessThan": "10.0.20348.5020", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.25398.0", "lessThan": "10.0.25398.2274", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2025", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2025 (Server Core installation)", "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-693: Protection Mechanism Failure", "lang": "en-US", "type": "CWE", "cweId": "CWE-693"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-12T17:38:32.933Z"}, "references": [{"name": "Windows Shell Spoofing Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "MEDIUM", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C"}}]}, "adp": [{"references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-32202", "tags": ["government-resource"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-27T00:00:00+00:00", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-32202"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2026-04-28", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-32202"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-29T03:55:31.800Z"}, "timeline": [{"time": "2026-04-28T00:00:00.000Z", "lang": "en", "value": "CVE-2026-32202 added to CISA KEV"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32202", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-28T17:41:32.303301Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2026-04-28", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-32202"}}}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-32202", "tags": ["government-resource"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:32:06.312Z"}, "timeline": [{"lang": "en", "time": "2026-04-28T00:00:00.000Z", "value": "CVE-2026-32202 added to CISA KEV"}]}], "cna": {"title": "Windows Shell Spoofing Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 1607", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom"}], "platforms": ["32-bit Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1809", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom"}], "platforms": ["32-bit Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 10 Version 21H2", "versions": [{"status": "affected", "version": "10.0.19044.0", "lessThan": "10.0.19044.7184", "versionType": "custom"}], "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 10 Version 22H2", "versions": [{"status": "affected", "version": "10.0.19045.0", "lessThan": "10.0.19045.7184", "versionType": "custom"}], "platforms": ["32-bit Systems", "ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 version 22H3", "versions": [{"status": "affected", "version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom"}], "platforms": ["ARM64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 Version 23H2", "versions": [{"status": "affected", "version": "10.0.22631.0", "lessThan": "10.0.22631.6936", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 Version 24H2", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.8246", "versionType": "custom"}], "platforms": ["ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 Version 25H2", "versions": [{"status": "affected", "version": "10.0.26200.0", "lessThan": "10.0.26200.8246", "versionType": "custom"}], "platforms": ["ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows 11 version 26H1", "versions": [{"status": "affected", "version": "10.0.28000.0", "lessThan": "10.0.28000.1836", "versionType": "custom"}], "platforms": ["ARM64-based Systems", "x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2012", "versions": [{"status": "affected", "version": "6.2.9200.0", "lessThan": "6.2.9200.26026", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2012 (Server Core installation)", "versions": [{"status": "affected", "version": "6.2.9200.0", "lessThan": "6.2.9200.26026", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2012 R2", "versions": [{"status": "affected", "version": "6.3.9600.0", "lessThan": "6.3.9600.23132", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2012 R2 (Server Core installation)", "versions": [{"status": "affected", "version": "6.3.9600.0", "lessThan": "6.3.9600.23132", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2016", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2016 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.14393.0", "lessThan": "10.0.14393.9060", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2019", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2019 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.17763.0", "lessThan": "10.0.17763.8644", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2022", "versions": [{"status": "affected", "version": "10.0.20348.0", "lessThan": "10.0.20348.5020", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.25398.0", "lessThan": "10.0.25398.2274", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2025", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Windows Server 2025 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.26100.0", "lessThan": "10.0.26100.32690", "versionType": "custom"}], "platforms": ["x64-based Systems"]}], "datePublic": "2026-04-14T14:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202", "name": "Windows Shell Spoofing Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-693", "description": "CWE-693: Protection Mechanism Failure"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "vulnerable": true, "versionEndExcluding": "10.0.17763.8644", "versionStartIncluding": "10.0.17763.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.17763.8644", "versionStartIncluding": "10.0.17763.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.17763.8644", "versionStartIncluding": "10.0.17763.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.20348.5020", "versionStartIncluding": "10.0.20348.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", "vulnerable": true, "versionEndExcluding": "10.0.19044.7184", "versionStartIncluding": "10.0.19044.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "10.0.19045.7184", "versionStartIncluding": "10.0.19045.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.26100.32690", "versionStartIncluding": "10.0.26100.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.26200.8246", "versionStartIncluding": "10.0.26200.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.22631.6936", "versionStartIncluding": "10.0.22631.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "10.0.22631.6936", "versionStartIncluding": "10.0.22631.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.25398.2274", "versionStartIncluding": "10.0.25398.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.26100.8246", "versionStartIncluding": "10.0.26100.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.26100.32690", "versionStartIncluding": "10.0.26100.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "vulnerable": true, "versionEndExcluding": "10.0.14393.9060", "versionStartIncluding": "10.0.14393.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.14393.9060", "versionStartIncluding": "10.0.14393.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.14393.9060", "versionStartIncluding": "10.0.14393.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "6.2.9200.26026", "versionStartIncluding": "6.2.9200.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "6.2.9200.26026", "versionStartIncluding": "6.2.9200.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "6.3.9600.23132", "versionStartIncluding": "6.3.9600.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "6.3.9600.23132", "versionStartIncluding": "6.3.9600.0"}, {"criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*", "vulnerable": true, "versionEndExcluding": "10.0.28000.1836", "versionStartIncluding": "10.0.28000.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-12T17:38:32.933Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32202", "state": "PUBLISHED", "dateUpdated": "2026-05-12T17:38:32.933Z", "dateReserved": "2026-03-11T01:49:58.658Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-04-14T16:57:36.996Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"cisaActionDue": "2026-05-12", "cisaExploitAdd": "2026-04-28", "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Microsoft Windows Protection Mechanism Failure Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", "matchCriteriaId": "158C16A3-547E-4130-8428-8E429C37E573", "versionEndExcluding": "10.0.14393.9060", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "matchCriteriaId": "58E1A340-D49A-4EBB-A750-876922ACD5CA", "versionEndExcluding": "10.0.14393.9060", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "matchCriteriaId": "64248504-2307-45FC-8FF3-7A227CFD8675", "versionEndExcluding": "10.0.17763.8644", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "matchCriteriaId": "9B1465B1-BDE6-4634-8F12-43F71D68A4D6", "versionEndExcluding": "10.0.17763.8644", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "88A175C4-E033-4FE7-B2BF-8BAE14321BC4", "versionEndExcluding": "10.0.19044.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "86DBF14A-F486-4FE7-9126-D1D54952FC6C", "versionEndExcluding": "10.0.19044.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", "matchCriteriaId": "C375372B-D3D4-4B11-AAD8-69AC344C24BC", "versionEndExcluding": "10.0.19044.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "8CE2E268-E776-4697-9E43-33ABA4CDBE05", "versionEndExcluding": "10.0.19045.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "269B8E88-6473-41DD-BA33-D9184B82CA58", "versionEndExcluding": "10.0.19045.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", "matchCriteriaId": "FCBB431B-EF21-4454-BDA3-D8F276BE7A64", "versionEndExcluding": "10.0.19045.7184", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "B33CE091-B873-4C30-BA05-54A8C1839212", "versionEndExcluding": "10.0.22631.6936", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "E3AF28F3-D486-4B88-9E0E-371241024174", "versionEndExcluding": "10.0.22631.6936", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "94EB36C7-1FF2-4B44-AD91-F3540F09393E", "versionEndExcluding": "10.0.26100.8246", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "14B23C3F-C8AC-491A-BCA5-EB6982C8F9E9", "versionEndExcluding": "10.0.26100.8246", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "361B5DAB-8D1F-45D7-A33C-F49EBA56B5F8", "versionEndExcluding": "10.0.26200.8246", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*", "matchCriteriaId": "ADC6CE99-AB5D-4DD5-82A9-892366C4B2FD", "versionEndExcluding": "10.0.26200.8246", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*", "matchCriteriaId": "690E74A8-E72C-47B6-96EB-37C48D69A635", "versionEndExcluding": "10.0.28000.1836", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*", "matchCriteriaId": "13A01FA1-08DC-4E33-9FFC-AB4BCD9634CA", "versionEndExcluding": "10.0.28000.1836", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "matchCriteriaId": "982DB0CA-5196-4E42-B2F7-994BE8179715", "versionEndExcluding": "10.0.14393.9060", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "matchCriteriaId": "647CF9B5-8898-469B-9C09-D372A7843187", "versionEndExcluding": "10.0.17763.8644", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC6837B7-5DFD-4AF7-B436-3C6FEF48BA60", "versionEndExcluding": "10.0.20348.5020", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", "matchCriteriaId": "55A1F3AB-5299-4495-9A73-FDA23C6FD88D", "versionEndExcluding": "10.0.25398.2274", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADF41A14-B9DA-4788-82A8-74DCDCD090E1", "versionEndExcluding": "10.0.26100.32690", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network."}], "id": "CVE-2026-32202", "lastModified": "2026-04-28T21:47:02.087", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "secure@microsoft.com", "type": "Secondary"}]}, "published": "2026-04-14T18:17:27.360", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["US Government Resource", "Third Party Advisory"], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-32202"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-693"}], "source": "secure@microsoft.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["32-bit_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.14393.0,10.0.14393.9060)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 1607", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_1607", "vendor": "microsoft"}, {"configurations": [{"platform": ["32-bit_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.17763.0,10.0.17763.8644)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 1809", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_1809", "vendor": "microsoft"}, {"configurations": [{"platform": ["32-bit_systems", "arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.19044.0,10.0.19044.7184)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 21H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_21h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["32-bit_systems", "arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.19045.0,10.0.19045.7184)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 10 Version 22H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_10_22h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.22631.0,10.0.22631.6936)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 version 22H3", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_22h3", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.22631.0,10.0.22631.6936)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 Version 23H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_23h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26100.0,10.0.26100.32690)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 Version 24H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_24h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26200.0,10.0.26200.8246)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 Version 25H2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_25h2", "vendor": "microsoft"}, {"configurations": [{"platform": ["arm64-based_systems", "x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.28000.0,10.0.28000.1836)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Windows 11 version 26H1", "source": "cna", "vendor": "Microsoft"}, "product": "windows_11_26h1", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[6.2.9200.0,6.2.9200.26026)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2012", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2012", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[6.2.9200.0,6.2.9200.26026)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2012 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2012_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[6.3.9600.0,6.3.9600.23132)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2012 R2", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2012_r2", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[6.3.9600.0,6.3.9600.23132)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2012 R2 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2012_r2_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.14393.0,10.0.14393.9060)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2016", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2016", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.14393.0,10.0.14393.9060)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2016 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2016_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.17763.0,10.0.17763.8644)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2019", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2019", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.17763.0,10.0.17763.8644)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2019 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2019_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.20348.0,10.0.20348.5020)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2022", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2022", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.25398.0,10.0.25398.2274)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2022, 23H2 Edition (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2022,_23h2_edition_(server_core_installation)", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26100.0,10.0.26100.32690)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2025", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2025", "vendor": "microsoft"}, {"configurations": [{"platform": ["x64-based_systems"], "status": "affected", "versions": {"scheme": "generic", "value": "[10.0.26100.0,10.0.26100.32690)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Server 2025 (Server Core installation)", "source": "cna", "vendor": "Microsoft"}, "product": "windows_server_2025_(server_core_installation)", "vendor": "microsoft"}], "created": "2026-04-15T15:00:06.178570+00:00", "updated": "2026-04-29T17:30:16.158456+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$windows_10_1607", "microsoft$PRODUCT$windows_10_1809", "microsoft$PRODUCT$windows_10_21h2", "microsoft$PRODUCT$windows_10_22h2", "microsoft$PRODUCT$windows_11_22h3", "microsoft$PRODUCT$windows_11_23h2", "microsoft$PRODUCT$windows_11_24h2", "microsoft$PRODUCT$windows_11_25h2", "microsoft$PRODUCT$windows_11_26h1", "microsoft$PRODUCT$windows_server_2012", "microsoft$PRODUCT$windows_server_2012_(server_core_installation)", "microsoft$PRODUCT$windows_server_2012_r2", "microsoft$PRODUCT$windows_server_2012_r2_(server_core_installation)", "microsoft$PRODUCT$windows_server_2016", "microsoft$PRODUCT$windows_server_2016_(server_core_installation)", "microsoft$PRODUCT$windows_server_2019", "microsoft$PRODUCT$windows_server_2019_(server_core_installation)", "microsoft$PRODUCT$windows_server_2022", "microsoft$PRODUCT$windows_server_2022,_23h2_edition_(server_core_installation)", "microsoft$PRODUCT$windows_server_2025", "microsoft$PRODUCT$windows_server_2025_(server_core_installation)"]}