Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 14 Jul 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 14 Jul 2026 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Allocation of resources without limits or throttling in Windows HTTP.sys allows an unauthorized attacker to deny service over a network. | |
| Title | HTTP.sys Denial of Service Vulnerability | |
| First Time appeared |
Microsoft
Microsoft windows 10 1607 Microsoft windows 10 1809 Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 24h2 Microsoft windows 11 25h2 Microsoft windows 11 26h1 Microsoft windows Server 2016 Microsoft windows Server 2019 Microsoft windows Server 2022 Microsoft windows Server 2025 |
|
| Weaknesses | CWE-770 | |
| CPEs | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Microsoft
Microsoft windows 10 1607 Microsoft windows 10 1809 Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 24h2 Microsoft windows 11 25h2 Microsoft windows 11 26h1 Microsoft windows Server 2016 Microsoft windows Server 2019 Microsoft windows Server 2022 Microsoft windows Server 2025 |
|
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2026-07-14T19:37:58.768Z
Reserved: 2026-06-01T17:02:37.207Z
Link: CVE-2026-49787
Updated: 2026-07-14T19:18:17.354Z
No data.
No data.
OpenCVE Enrichment
No data.