What is the CVSS score of CVE-2021-26411?

CVE-2021-26411 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L. EPSS exploitation probability: 92.5%.

Is CVE-2021-26411 being actively exploited?

Yes, CVE-2021-26411 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active in-the-wild exploitation. Immediate patching is required.

How to fix or mitigate CVE-2021-26411?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. If patching is delayed, consider network segmentation to limit exposure.

CVE-2021-26411

HIGH

Use After Free (CWE-416)

2021-03-11 secure@microsoft.com

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

High

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 26, 2026 - 11:19 vuln.today

Added to CISA KEV

Oct 30, 2025 - 19:56 cisa

CISA KEV

Patch released

Oct 30, 2025 - 19:56 nvd

Patch available

CVE Published

Mar 11, 2021 - 16:15 nvd

HIGH 8.8

DescriptionNVD

Internet Explorer Memory Corruption Vulnerability

AnalysisAI

Internet Explorer contains a memory corruption vulnerability exploited by the Lazarus Group (North Korea) in campaigns targeting security researchers via social engineering and malicious websites in early 2021.

Technical ContextAI

The CWE-416 use-after-free in IE's rendering engine enables code execution when processing specially crafted HTML/JavaScript content. The exploit achieved reliable execution through heap manipulation techniques.

Affected ProductsAI

Microsoft Internet Explorer Affected Windows versions

RemediationAI

Use modern browsers exclusively. Apply Microsoft security update. Security researchers should use isolated VMs for browsing untrusted content.

CVE-2021-26411 vulnerability details – vuln.today

Back