← Back

CVE-2026-21243

nvd nist
Published: Feb 10, 2026Modified: Feb 11, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: secure@microsoft.com

Description

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

Affected (4)

Microsoft
4 products
Windows Server 2019
Windows Server 2022
Windows Server 2022 23h2
Windows Server 2025
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Windows Server 2019
Before 10.0.17763.8389
Windows Server 2022
Before 10.0.20348.4711
Windows Server 2022 23h2
Before 10.0.25398.2149
Windows Server 2025
Before 10.0.26100.32313

Related CWEs

CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

References (1)

Source: secure@microsoft.com
Vendor Advisory

Timeline

No history available yet.