Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
Microsoft
CVE-2026-21232 CVSS 7.8
2026-02-10 08:00 UTC · 2026-02-10 05:00 -03
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.