CVE-2026-21513

HIGH Actively Exploited

MSHTML Framework Security Feature Bypass Vulnerability

CVSS v3

8.8

HIGH

EPSS Score

28.1%

exploit probability

CISA KEV

No

known exploited

Exploitation

active

SSVC status

Description

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

Technical Details

CVSS v3 Vector
3.1
Published
2/10/2026
Last Modified
3/30/2026

Frequently Asked Questions

What is CVE-2026-21513?

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

Is CVE-2026-21513 actively exploited?

Yes. CVE-2026-21513 has been observed in active exploitation according to SSVC analysis.

What is the CVSS score for CVE-2026-21513?

CVE-2026-21513 has a CVSS v3 base score of 8.8 (HIGH severity), with vector string 3.1.

Is CVE-2026-21513 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.

Check an IPSearch CVEs
Back to CVE Database