CVE-2026-21510

Name of the Vulnerable Software and Affected Versions Microsoft Windows Shell versions prior to February 2026 Patch Tuesday

Description A security feature bypass issue exists in the Windows Shell, allowing an unauthorized attacker to circumvent security features over a network. This vulnerability has been actively exploited in the wild, enabling attackers to bypass Windows SmartScreen and Mark-of-the-Web (MOTW) protections. Specifically, crafted malicious shortcuts (.LNK files) or links can evade security checks, leading to silent payload execution without user warnings. This bypass reduces execution friction in phishing campaigns and can facilitate the deployment of information stealers or ransomware. The vulnerability requires user interaction, such as clicking a malicious link or opening a crafted file. The issue affects Windows 10, Windows 11, and Windows Server.

Recommendations Apply the February 2026 Patch Tuesday updates immediately. Treat untrusted .LNK files and links as high-risk until systems are fully updated.