NVD CRITICAL: CVE-2026-47291 — Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attack...

Tuesday, June 9, 2026 at 05:17 PM UTC·Source: NIST NVD

Updated: Wednesday, June 10, 2026 at 03:00 PM UTC

Executive Summary

Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network.

Analysis

Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVSS Score: 9.8. Published: 2026-06-09T17:17:34.627.

Indicators of Compromise (1)

CVE (1)

CVE-2026-47291

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on Jun 9, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Chinese, N. Korean Threat Groups Build on Asia-Pacific Success

North Korea's gross domestic product (GDP) has grown, in part because of the cybercrime gains of groups linked to the nation, which target business and financial firms.

2h agoDark Reading

MEDIUMVulnerability

FSB guides banks on resposible adoption of AI

The Financial Stability Council is inviting feedback on a new consultation on sound practices for the responsible adoption of artificial intelligence within the financial sector.

2h agoFinextra

MEDIUMVulnerability

Mastercard launches Agent Pay for Machines

Mastercard has lined up a host of firms behind its latest AI commerce tool, Agent Pay for Machines (AP4M).

2h agoFinextra