CVE-2026-20872

Unknown Unknown - Not Provided

Path Traversal in Windows NTLM Enables Network Spoofing

Publication date: 2026-01-13

Last updated on: 2026-03-27

Assigner: Microsoft Corporation

Description

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-01-13

Last Modified

2026-03-27

Generated

2026-06-16

AI Q&A

2026-01-14

EPSS Evaluated

2026-06-14

NVD

CVE-2026-20872

Affected Vendors & Products

Vendor	Product	Version / Range
microsoft	windows_ntlm	*

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-73	The product allows user input to control or influence paths or file names that are used in filesystem operations.

Attack-Flow Graph

Executive Summary

This vulnerability involves external control of the file name or path in Windows NTLM, which allows an unauthorized attacker to perform spoofing over a network. [1]

Impact Analysis

The vulnerability can impact you by enabling an unauthorized attacker to spoof identities or resources over a network, potentially leading to security breaches. [1]

Hi! I’m here to help you understand CVE-2026-20872. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2026-20872

Path Traversal in Windows NTLM Enables Network Spoofing

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart