Facebook
Microsoft Addresses CVE-2026-21513 Zero-Day Exploit in February
First seen 2 Mar 2026, 16:11 UTC
•
•81% similarity
•41.1
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Microsoft has resolved CVE-2026-21513, a vulnerability with a CVSS score of 8.8, after confirming its exploitation in the wild. The flaw, located in the MSHTML component and specifically in ieframe.dll, allowed attackers to bypass security measures. The vulnerability was published on February 10, 2026, and was added to the CISA KEV list on the same day.
ThreatCluster AI
Timeline
2026-02-10
CVE-2026-21513 published
2026-02-10
CVE-2026-21513 added to CISA KEV (active exploitation)
Recent
Microsoft confirmed zero-day exploitation and released a patch