cve-2026-48568

CVE-2026-48568 is a Windows Secure Boot security feature bypass disclosed by Microsoft on June 9, 2026, as part of the June Patch Tuesday updates. Rated Important, the vulnerability allows a local authorized attacker to bypass Secure Boot protections. It affects supported Windows client and server releases. The flaw lies in the boundary between firmware trust, boot policy, and the operating system's assumption of an honest early boot chain. No public exploit code or wormable warnings have been reported, making this a quieter but familiar issue for Windows administrators managing boot security.