CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure

Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability. Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

• CISA KEV-listed (remediation due 2026-03-03)
• EPSS 28.0% (96.6% percentile)

Browse the CVE database

Read the full analysis on IntelFusions