CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability.
Microsoft Windows NULL Pointer Dereference Vulnerability. Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.
- CISA KEV-listed (remediation due 2026-03-03)
- EPSS 9.4% (93.0% percentile)