KB5075904: Windows 10 version 1809 / Windows Server 2019 Security Update (February 2026)

The remote Windows host is missing security update 5075904. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Access of resource using incompatible...

KB5077179: Windows 11 Version 26H1 Security Update (February 2026)

The remote Windows host is missing security update 5077179. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Access of resource using incompatible...

CVE-2024-30040

Windows MSHTML Platform Security Feature Bypass Vulnerability...

CVE-2023-35628

Windows MSHTML Platform Remote Code Execution Vulnerability...

CVE-2023-21805

Windows MSHTML Platform Remote Code Execution Vulnerability...

VulnCheck KEV: CVE-2019-0541

Microsoft MSHTML engine contains an improper input validation vulnerability that allows for remote code execution vulnerability...

CVE-2020-1064

A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input.An attacker could execute arbitrary code in the context of the current user, aka 'MSHTML Engine Remote Code Execution Vulnerability'...

Microsoft Internet Explorer MSHTML Engine Remote Code Execution Vulnerability

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from the American company Microsoft. A remote code execution vulnerability exists in the MSHTML Engine in Microsoft Internet Explorer versions 9 and 11, which arises from the program failing to properly...

Microsoft MSHTML Engine Input Validation Vulnerability

Microsoft Internet Explorer and others are products of Microsoft Corporation.Microsoft Internet Explorer IE is a web browser.Office 2010 SP2 is an office suite.Microsoft MSHTML engine Office 2010 SP2 is an office suite. Microsoft MSHTML engine is one of the engines used to parse the HTML language...

Internet Explorer CSS Recursive Import Use After Free

No description provided by source. $Id: ms11003iecssimport.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

Internet Explorer CSS SetUserClip Memory Corruption

No description provided by source. $Id: ms10090iecssclip.rb 11610 2011-01-20 19:30:59Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

MS11-003 Microsoft Internet Explorer CSS Recursive Import Use After Free

This module exploits a memory corruption vulnerability within Microsoft's HTML engine mshtml. When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the...

Internet Explorer CSS Recursive Import Use After Free

$Id: ms11003iecssimport.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Internet Explorer CSS Recursive Import Use After Free

$Id: ms11xxxiecssimport.rb 11383 2010-12-20 16:34:07Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

MS10-090 Microsoft Internet Explorer CSS SetUserClip Memory Corruption

This module exploits a memory corruption vulnerability within Microsoft's HTML engine mshtml. When parsing an HTML page containing a specially crafted CSS tag, memory corruption occurs that can lead arbitrary code execution. It seems like Microsoft code inadvertently increments a vtable pointer t...

Internet Explorer CSS SetUserClip Memory Corruption

$Id: ms10090iecssclip.rb 11331 2010-12-14 18:41:20Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Internet Explorer CSS Tags Memory Corruption

$Id: ms10xxxiecssclip.rb 10912 2010-11-05 00:08:55Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

[SECURITY] Fedora 9 Update: kazehakase-0.5.6-4.fc9.3

Kazehakase is a Web browser which aims to provide a user interface that is truly user-friendly & fully customizable. This package uses Gecko for HTML rendering engine...