CVE Catalog
CVE-2026-47291
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.20%
42th percentile — higher than 42% of all known CVEs
Summary
Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network.
Risk Assessment
An attacker can remotely execute malicious code, posing a serious threat to the security of the system and the organization's data.
Recommendation
It is recommended to update Windows to the latest version to mitigate this vulnerability and to monitor network traffic for potential attacks.
Original NVD description (English source)
Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network.

