{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-8863: CVE-2026-8863","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-8863","status":"final","version":"1","initial_release_date":"2026-06-09T18:10:15.426Z","current_release_date":"2026-06-10T15:16:35.228Z","revision_history":[{"date":"2026-06-09T18:10:15.426Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-8863 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-8863"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-8863"},{"category":"external","summary":"Microsoft Vendor Security Advisory","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8863"},{"category":"external","summary":"CERT/CC Vulnerability Notice","url":"https://kb.cert.org/vuls/id/616257"}]},"product_tree":{"branches":[{"category":"vendor","name":"Oracle Corporation","branches":[{"category":"product_name","name":"OracleLinux(7.2) shim","branches":[{"category":"product_version","name":"0.9","product":{"name":"Oracle Corporation OracleLinux(7.2) shim 0.9","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:oracle_corporation:oraclelinux\\(7.2\\)_shim:0.9:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"PC-Doctor","branches":[{"category":"product_name","name":"Service Center Enterprise","branches":[{"category":"product_version_range","name":">=14 <=17.0.7536.900","product":{"name":"PC-Doctor Service Center Enterprise >=14 <=17.0.7536.900","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:pc-doctor:service_center_enterprise:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"PC-Doctor","branches":[{"category":"product_name","name":"Service Center Drive Erase","branches":[{"category":"product_version_range","name":">=15 <=17.0.7538.592","product":{"name":"PC-Doctor Service Center Drive Erase >=15 <=17.0.7538.592","product_id":"CSAFPID-3","product_identification_helper":{"cpe":"cpe:2.3:a:pc-doctor:service_center_drive_erase:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"PC-Doctor","branches":[{"category":"product_name","name":"Service Center Japan","branches":[{"category":"product_version_range","name":">=15 <=17.0.7539.904","product":{"name":"PC-Doctor Service Center Japan >=15 <=17.0.7539.904","product_id":"CSAFPID-4","product_identification_helper":{"cpe":"cpe:2.3:a:pc-doctor:service_center_japan:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"PC-Doctor","branches":[{"category":"product_name","name":"Service Center","branches":[{"category":"product_version_range","name":">=14 <=17.0.7535.900","product":{"name":"PC-Doctor Service Center >=14 <=17.0.7535.900","product_id":"CSAFPID-5","product_identification_helper":{"cpe":"cpe:2.3:a:pc-doctor:service_center:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"PC-Doctor","branches":[{"category":"product_name","name":"Network Factory for Linux (Bootable Diagnostics)","branches":[{"category":"product_version_range","name":">=6.9 <=6.20.7711.267","product":{"name":"PC-Doctor Network Factory for Linux (Bootable Diagnostics) >=6.9 <=6.20.7711.267","product_id":"CSAFPID-6","product_identification_helper":{"cpe":"cpe:2.3:a:pc-doctor:network_factory_for_linux_\\(bootable_diagnostics\\):*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"PC-Doctor","branches":[{"category":"product_name","name":"Factory for Linux (Bootable Diagnostics)","branches":[{"category":"product_version_range","name":">=6.9 <=6.20.7710.267","product":{"name":"PC-Doctor Factory for Linux (Bootable Diagnostics) >=6.9 <=6.20.7710.267","product_id":"CSAFPID-7","product_identification_helper":{"cpe":"cpe:2.3:a:pc-doctor:factory_for_linux_\\(bootable_diagnostics\\):*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Spyrus","branches":[{"category":"product_name","name":"WTGCreator","branches":[{"category":"product_version","name":"4.2","product":{"name":"Spyrus WTGCreator 4.2","product_id":"CSAFPID-8","product_identification_helper":{"cpe":"cpe:2.3:a:spyrus:wtgcreator:4.2:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Blancco UK","branches":[{"category":"product_name","name":"WhiteCanyon WipeDrive","branches":[{"category":"product_version_range","name":">=8.0.0 <=8.1.3","product":{"name":"Blancco UK WhiteCanyon WipeDrive >=8.0.0 <=8.1.3","product_id":"CSAFPID-9","product_identification_helper":{"cpe":"cpe:2.3:a:blancco_uk:whitecanyon_wipedrive:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"baramundi software","branches":[{"category":"product_name","name":"baramundi Management Suite","branches":[{"category":"product_version_range","name":">=* <=2024R1","product":{"name":"baramundi software baramundi Management Suite >=* <=2024R1","product_id":"CSAFPID-10","product_identification_helper":{"cpe":"cpe:2.3:a:baramundi_software:baramundi_management_suite:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"SUSE Linux","branches":[{"category":"product_name","name":"OpenSUSE shim","branches":[{"category":"product_version","name":"0.9","product":{"name":"SUSE Linux OpenSUSE shim 0.9","product_id":"CSAFPID-11","product_identification_helper":{"cpe":"cpe:2.3:a:suse_linux:opensuse_shim:0.9:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Finland Matriculation Board","branches":[{"category":"product_name","name":"Abitti 1","branches":[{"category":"product_version","name":"1.0.0","product":{"name":"Finland Matriculation Board Abitti 1 1.0.0","product_id":"CSAFPID-12","product_identification_helper":{"cpe":"cpe:2.3:a:finland_matriculation_board:abitti_1:1.0.0:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"NTC IT ROSA LLC","branches":[{"category":"product_name","name":"RosaLinux","branches":[{"category":"product_version","name":"R9","product":{"name":"NTC IT ROSA LLC RosaLinux R9","product_id":"CSAFPID-13","product_identification_helper":{"cpe":"cpe:2.3:a:ntc_it_rosa_llc:rosalinux:r9:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"NTC IT ROSA LLC","branches":[{"category":"product_name","name":"RosaLinux","branches":[{"category":"product_version","name":"R10","product":{"name":"NTC IT ROSA LLC RosaLinux R10","product_id":"CSAFPID-14","product_identification_helper":{"cpe":"cpe:2.3:a:ntc_it_rosa_llc:rosalinux:r10:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-8863","title":"CVE-2026-8863","notes":[{"category":"description","text":"Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7","CSAFPID-8","CSAFPID-9","CSAFPID-10","CSAFPID-11","CSAFPID-12","CSAFPID-13","CSAFPID-14"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH"},"products":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7","CSAFPID-8","CSAFPID-9","CSAFPID-10","CSAFPID-11","CSAFPID-12","CSAFPID-13","CSAFPID-14"]}],"remediations":[{"category":"none_available","details":"No fixed version is published yet. Monitor the upstream advisory.","product_ids":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7","CSAFPID-8","CSAFPID-9","CSAFPID-10","CSAFPID-11","CSAFPID-12","CSAFPID-13","CSAFPID-14"]}]}]}