Windows BitLocker Input Validation Weakness Allows Local Bypass

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.7

Windows BitLocker Input Validation Weakness Allows Local Bypass

CVE-2026-27913

Summary

An attacker with physical access to a Windows system can potentially bypass BitLocker encryption by exploiting a weakness in input validation. This means they may be able to access encrypted data without the proper authorization. To mitigate this risk, ensure all Windows systems are up to date with the latest security patches.

Original title

Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.

Original description

Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.

nvd CVSS3.1 7.7

Vulnerability type

CWE-20 Improper Input Validation

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27913

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026