Vulnerability · NVD
CVE-2026-25185
HIGH 5.3
Windows Shell Link Processing Spoofing Vulnerability
EPSS
0.06%
exploit very unlikely
percentile 18.4%
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2025 (Server Core installation) 10.0.26100.32522 Windows Server 2025 10.0.26100.32522 Windows Server 2022 (Server Core installation) 10.0.20348.4893 Windows Server 2022 10.0.25398.2207 Windows Server 2019 (Server Core installation) 10.0.17763.8511 Windows Server 2019 10.0.17763.8511 Windows Server 2016 (Server Core installation) 10.0.14393.8957 Windows Server 2016 10.0.14393.8957 Windows 11 26H1 · 2026-H1 10.0.28000.1719 Windows 11 25H2 · 2025-H2 10.0.26200.8037 Windows 11 24H2 · 2024-H2 10.0.26100.8037 Windows 11 23H2 · 2023-H2 10.0.22631.6783 Windows 10 22H2 · 2022-H2 10.0.19045.7058 Windows 10 21H2 · 2021-H2 10.0.19044.7058 Windows 10 1809 · 2018-09 10.0.17763.8511 Windows 10 1607 · 2016-07 10.0.14393.8957