CVE-2026-21249

CVSS Score & Metrics

Base Score

3.3 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N                                    

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally.

Published Date

February 10, 2026

Last Modified

February 11, 2026

CWE ID

CWE-73

Source

NVD

Vendor

microsoft

Product

windows_10_1607