CVE-2026-21533

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero
Triaged: Feb. 18, 2026 7 articles
VulnLookup ↗ NVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24
17.35%
probability
This CVE has a 17.35% probability of being exploited in the next 30 days.
0% Top 95.1th percentile of all CVEs 100%
CVSS score unavailable
Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Description

Project Zero
Windows Remote Desktop Services Elevation of Privilege Vulnerability

Attack Intelligence

Google Project Zero

Patched
Feb. 10, 2026
Reported by
Advanced Research Team, CrowdStrike

Exploits & PoC

fevar54/CVE-2026-21533_Scanner.py

Este repositorio contiene una herramienta de **detección** para la vulnerabilidad CVE-2026-21533, una falla de gestión de privilegios en los Servicios

0
1 repo — triés par ⭐ Rechercher sur GitHub ↗

Signal Intelligence

Confidence
92%
EPSS 17.35%
Mentions 7
Last Seen Mar 10, 2026

CNA Information

Analyst Note

CVE-2026-21533 is confirmed as an actively exploited zero-day with strong corroboration from multiple reputable sources (TheHackerNews, BleepingComputer, Tenable, CISA) reporting Microsoft's February 2026 patch addressing six zero-days in the wild. The vulnerability is also tracked by Google Project Zero, and the HIGH severity CVSS score (7.8) combined with privilege escalation capability in a widely-deployed OS component provides additional validation.

Threat Actors 2

Ice Fog
apt_group Information theft and espionage 🇨🇳 CN
Nomad Panda
apt_group Information theft and espionage 🇨🇳 CN

Triage Info

Decided atFeb 18, 2026