CVE-2026-21302: Windows CLFS Privilege Escalation

Score: 7.8
HIGH
Published: 2026-02-11Affected: Windows 10/11, Server 2016-2025CWE-787 β†—

Is Windows CLFS still being exploited?

An out-of-bounds write vulnerability in the Windows Common Log File System (CLFS) driver. Local attackers can escalate privileges to SYSTEM by exploiting memory corruption in log file parsing, a recurring attack surface in Windows.

Impact & Exploitation

CLFS has been a persistent attack surface with multiple zero-days. Used by ransomware groups for post-exploitation privilege escalation. Affects all supported Windows versions.

Related Resources

πŸ” Related CWE Entries

πŸ“– Security Guides

πŸ›‘οΈ Notable Vulnerabilities

πŸ”— External References

Precogs Logo

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Base Score

CVSS7.8
SeverityHIGH
CWECWE-787
Published2026-02-11

Tags

windowskernelprivilege-escalationransomware

Quick Links

Is your system affected?

Precogs AI detects Windows CLFS Privilege Escalation in compiled binaries and firmware β€” even without source code.

Request Deep Analysis

Is Your System Still Exposed to Critical CVEs?

Vulnerabilities like CVE-2026-21302 Windows CLFS Privilege Escalation don’t just exist in source code β€” they persist in compiled binaries, containers, and embedded systems. Precogs AI detects vulnerable components across your entire stack β€” even when source code isn’t available.

Request Deep AnalysisBook a demo