Feb 2026: Cluster Client Failover (CCF) Elevation of Privilege Vulnerability
CVE-2026-21251 Published on February 10, 2026

Cluster Client Failover (CCF) Elevation of Privilege Vulnerability
Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

Vendor Advisory NVD

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2026-21251 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2026-21251

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-21251 are published in these products:

Microsoft Windows Server 2019

Microsoft Windows Server 2022

Microsoft Windows Server 2025

Microsoft Windows Server 23h2

Microsoft Windows Server 2016

Affected Versions

Microsoft Windows Server 2016:

Version 10.0.14393.0 and below 10.0.14393.8868 is affected.

Microsoft Windows Server 2016 (Server Core installation):

Version 10.0.14393.0 and below 10.0.14393.8868 is affected.

Microsoft Windows Server 2019:

Version 10.0.17763.0 and below 10.0.17763.8389 is affected.

Microsoft Windows Server 2019 (Server Core installation):

Version 10.0.17763.0 and below 10.0.17763.8389 is affected.

Microsoft Windows Server 2022:

Version 10.0.20348.0 and below 10.0.20348.4773 is affected.

Microsoft Windows Server 2022, 23H2 Edition (Server Core installation):

Version 10.0.25398.0 and below 10.0.25398.2149 is affected.

Microsoft Windows Server 2025:

Version 10.0.26100.0 and below 10.0.26100.32370 is affected.

Microsoft Windows Server 2025 (Server Core installation):

Version 10.0.26100.0 and below 10.0.26100.32370 is affected.

Exploit Probability

EPSS

0.02%

Percentile

4.74%