THREATOPS
THREAT OPSThreat News › CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys

CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys

medzdi_blogPublished 2026-07-10

<p class=""><em>In this excerpt of a TrendAI Research Services vulnerability report, Yazhi Wang and Jonathan Lein of the TrendAI Research team detail a recently patched remote code execution bug in the Windows HTTP protocol stack. Successful exploitation of this vulnerability can result in a denial-of-service condition, or, in the worst case, code execution with kernel privileges. The following is

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://www.thezdi.com/blog/2026/7/9/cve-2026-47291-remote-code-execution-in-the-windows-httpsys