THREAT OPS › Threat News › CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys
CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys
<p class=""><em>In this excerpt of a TrendAI Research Services vulnerability report, Yazhi Wang and Jonathan Lein of the TrendAI Research team detail a recently patched remote code execution bug in the Windows HTTP protocol stack. Successful exploitation of this vulnerability can result in a denial-of-service condition, or, in the worst case, code execution with kernel privileges. The following is
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
Indicators of compromise
- CVE-2026-47291cve
- https://go.trendmicro.com/tis/vulnerabilities.htmlurl
- https://infosec.exchange/@thezdiurl