Vulnerability · NVD
CVE-2026-20872
HIGH 6.5
NTLM Hash Disclosure Spoofing Vulnerability
EPSS
0.13%
exploit very unlikely
percentile 31.9%
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2025 (Server Core installation) 10.0.26100.32230 Windows Server 2025 10.0.26100.32230 Windows Server 2022 (Server Core installation) 10.0.20348.4648 Windows Server 2022 10.0.25398.2092 Windows Server 2019 (Server Core installation) 10.0.17763.8276 Windows Server 2019 10.0.17763.8276 Windows Server 2016 (Server Core installation) 10.0.14393.8783 Windows Server 2016 10.0.14393.8783 Windows 11 25H2 · 2025-H2 10.0.26200.7623 Windows 11 24H2 · 2024-H2 10.0.26100.7623 Windows 11 23H2 · 2023-H2 10.0.22631.6491 Windows 10 22H2 · 2022-H2 10.0.19045.6809 Windows 10 21H2 · 2021-H2 10.0.19044.6809 Windows 10 1809 · 2018-09 10.0.17763.8276 Windows 10 1607 · 2016-07 10.0.14393.8783