CVE-2026-32088

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack.

More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32088