VYPR
Unrated severityNVD Advisory· Published Feb 10, 2026· Updated Apr 10, 2026

Windows HTTP.sys Elevation of Privilege Vulnerability

CVE-2026-21240

Description

Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

Affected products

14

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.