CVE-2026-21525

⚠ KEVEPSS 9.4%

Microsoft Windows NULL Pointer Dereference Vulnerability

Added to CISA KEV: 2/10/2026

Description

Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

Affected packages (0)

No package mapping in OSV.