CVE-2026-21231

ntoskrnl.exe — race condition with improper synchronization allows SYSTEM escalation

Exploited in the Wild

Actively exploited. Added to CISA KEV with remediation deadline March 3, 2026.

Summary

| Field | Value |
| --- | --- |
| Driver | ntoskrnl.exe |
| Vulnerability Class | Race Condition |
| CVSS | 7.8 |
| Exploited ITW | Yes |
| Patch Date | February 10, 2026 |

Root Cause

Concurrent execution using a shared resource with improper synchronization (CWE-362). An authenticated local attacker who wins the race on a shared kernel resource can corrupt memory and gain SYSTEM privileges.

Exploitation

The attacker races concurrent threads against a shared kernel resource. Winning the race corrupts kernel memory, which leads to privilege escalation.

Exploitation Primitive

Race condition on shared kernel resource → memory corruption → SYSTEM

References