Windows HTTP.sys Elevation of Privilege Vulnerability_CVE-2026-21250

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Basic Information

ID CVE-2026-21250

Source microsoft

Published Feb 10, 2026 at 17:51

Modified Feb 10, 2026 at 18:58

Affected Product

Vendor Microsoft

Product Windows Server 2025 (Server Core installation)

Version 10.0.26100.0

Affected Versions Microsoft Windows Server 2025 (Server Core installation) 10.0.26100.0
Microsoft Windows 11 Version 25H2 10.0.26200.0
Microsoft Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.0
Microsoft Windows 11 Version 24H2 10.0.26100.0
Microsoft Windows Server 2025 10.0.26100.0
Microsoft Windows 11 version 26H1 10.0.28000.0
Microsoft Windows 11 Version 26H1 10.0.28000.0

CWE Classification

CWE-822

References

msrc.microsoft.com /update-guide/vulnerability/CVE-2026-21250

{
    "lastseen": "",
    "description": "",
    "published": "2026-02-10T17:51:41.521Z",
    "modified": "2026-02-10T18:58:26.813Z",
    "type": "cve",
    "title": "Windows HTTP.sys Elevation of Privilege Vulnerability",
    "source": "microsoft",
    "references": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21250",
    "id": "CVE-2026-21250",
    "bulletinFamily": "",
    "cwe": [
        "CWE-822"
    ],
    "cvelist": null,
    "sourceData": "Microsoft Windows Server 2025 (Server Core installation) 10.0.26100.0\nMicrosoft Windows 11 Version 25H2 10.0.26200.0\nMicrosoft Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.0\nMicrosoft Windows 11 Version 24H2 10.0.26100.0\nMicrosoft Windows Server 2025 10.0.26100.0\nMicrosoft Windows 11 version 26H1 10.0.28000.0\nMicrosoft Windows 11 Version 26H1 10.0.28000.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Windows Server 2025 (Server Core installation)",
    "version": "10.0.26100.0",
    "vendor": "Microsoft",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Basic Information

Affected Product

CWE Classification

References

💭 Join the Security Discussion ❌ Cancel Reply