THREAT OPS › CVEs › CVE-2026-21525
CVE-2026-21525 — Microsoft Windows NULL Pointer Dereference Vulnerability
Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.
Vulnerability details
- Affected productsWindows
- KEV remediation due2026-03-03
Exploiting threat actors
- Earth LuscaG1006