THREAT OPS › CVEs › CVE-2026-21513
CVE-2026-21513 — Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability
Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.
Vulnerability details
- Affected productsWindows
- KEV remediation due2026-03-03
Exploiting threat actors
- EquationG0020
- Earth LuscaG1006
- APT28G0007
Related reporting
- The February 2026 Security Update Reviewzdi_blog
- June 2026 CVE Landscaperecordedfuture