CVE-2022-26925
ENISA EUVD: EUVD-2022-31470
Exploited in the Wild
✓ Confirmed 0-Day
★ Google Project Zero
Triaged: March 3, 2026
3 articles
Published: 2022-05-10
EPSS Score
Source: FIRST.org · 2026-05-23
This CVE has a 37.43% probability of being exploited in the next 30 days.
Top 97.2th percentile of all CVEs
CVSS v3.1
Source: VulnerabilityLookup (CIRCL)
8.1 HIGH
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CVSS v2 (legacy)
4.3 MEDIUM
Access Vector: Network
Access Complexity: Medium
Authentication: None
Confidentiality: None
Integrity: Partial
Availability: None
AV:N/AC:M/Au:N/C:N/I:P/A:N
Description
NVD: Windows LSA Spoofing Vulnerability
Affected Products
Microsoft · Windows 10 Version 1809 · 10.0.17763.0
Microsoft · Windows 10 Version 1809 · 10.0.0
Microsoft · Windows Server 2019 · 10.0.17763.0
Microsoft · Windows Server 2019 (Server Core installation) · 10.0.17763.0
Microsoft · Windows 10 Version 1909 · 10.0.0
Attack Intelligence
Google Project Zero
Patched: May 10, 2022
Reported by: Raphael John with Bertelsmann Printing Group
Root Cause Analysis: ???
Signal Intelligence
Confidence: 78%
EPSS: 37.43%
CVSS v3.1: 8.1
Mentions: 3
Last Seen: May 11, 2022
CNA Information
CNA Assigner: microsoft
CNA Title: Windows LSA Spoofing Vulnerability
Analyst Note
CVE-2022-26925 is confirmed as a legitimate Windows LSA spoofing vulnerability affecting Windows 10, with a high CVSS score of 8.1 and validation from Google Project Zero and CERT-EU. The vulnerability has documented evidence from an authoritative security advisory, though its absence from CISA KEV and limited article coverage (1 source) suggest it may be less actively exploited or remediated compared to other critical Windows issues.
Triage Info
Decided at: Mar 03, 2026
Published Date: May 10, 2022