CVE-2026-56181 - Windows Network Address Translation (NAT) Spoofing Vulnerability - is an Origin Validation Error affecting Windows 11 and Windows Server 2025. It is a spoofing issue with high CVSS v3.1 severity: base score 8.3 and temporal score 7.2. The attack vector is adjacent network, requires no privileges and no user interaction, but has high attack complexity and changed scope. Microsoft reports no public disclosure and no known exploitation, with exploit code maturity unproven. Enterprise risk is mainly for logically adjacent or shared-network environments, not direct internet exposure. Highlights: - CVSS scores: Base 8.3 - Temporal 7.2 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN. - Impact: Spoofing; confidentiality, integrity, and availability impacts are all HIGH. - Exploitation likelihood: Exploitation Less Likely; the adjacent-network vector and high attack complexity indicate the attacker must be in a logically adjacent position, consistent with a MITM-style setup. - Severity for enterprise: High. Risk is elevated for internal networks, shared subnets, or other logically adjacent environments where an attacker could influence network traffic; it is less relevant to isolated or purely internet-exposed services. - Patch status: available Affected systems: - Windows 11 24H2 - Windows 11 25H2 - Windows 11 26H1 - Windows 11 unspecified - Windows Server 2025