Skip to content
Threat Feed

Tag

Http.sys

1 brief RSS
high advisory

Windows HTTP.sys Local Privilege Escalation Vulnerability (CVE-2026-21250)

A local privilege escalation vulnerability exists in Windows 11 24H2, Windows 11 25H2, and Windows Server 2022 23H2 due to improper handling of untrusted pointers in HTTP.sys via strcat truncation.

Windows 11 +1 local-privilege-escalation windows cve-2026-21250 http.sys
2r 1t 1c