Black & White Path
Jul 13, 2026 · Information Security
Deep Dive into CVE‑2026‑47291: Windows HTTP.sys RCE and Public PoC
Security researcher Omair released a PoC for CVE‑2026‑47291, a critical integer‑overflow flaw in Windows HTTP.sys that enables unauthenticated remote code execution with SYSTEM privileges across a fourteen‑year span of Windows client and server versions, prompting urgent patching and mitigation guidance.
CVE-2026-47291HTTP.sysPatch
0 likes · 10 min read
