CVE-2026-40639
MEDIUMDescription
Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.
Is your site exposed to CVE-2026-40639?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2026-40639? +
How severe is CVE-2026-40639? +
How do I check if I'm vulnerable to CVE-2026-40639? +
Related Vulnerabilities
Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after …
The Campbell Scientific CSI Web Server stores web authentication credentials in a file with a specific file name. Passwords within …
Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, …
The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is …
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may …
Authenticator is a browser extension that generates two-step verification codes. In versions 7.0.0 and below, encryption keys for user data …