privilege-escalation 25

• FortiClient EMS Auth Bypass CVE-2026-35616 Actively Exploited to Deploy EKZ Credential Stealer May 28, 2026
• LiteSpeed cPanel Plugin CVE-2026-48172 Actively Exploited for Root Privilege Escalation May 23, 2026
• Iranian APT Screening Serpens Uses AppDomainManager Hijacking in 2026 Espionage Campaigns May 22, 2026
• BYOVD: Exploiting Vulnerable Windows Kernel Drivers Without Their Target Hardware May 22, 2026
• DirtyDecrypt PoC Published for Patched Linux Kernel LPE CVE-2026-31635 May 19, 2026
• MiniPlasma Windows Zero-Day Grants SYSTEM Privileges on Fully Patched Systems May 18, 2026
• DirtyDecrypt: Public PoC Released for Linux Kernel Root Escalation Flaw May 18, 2026
• Four OpenClaw Vulnerabilities Chain to Enable Data Theft, Privilege Escalation, and Backdoor Planting May 15, 2026
• Researcher Drops YellowKey BitLocker Bypass and GreenPlasma Windows EoP Zero-Days May 14, 2026
• Fragnesia Linux Kernel LPE (CVE-2026-46300) Grants Root via Page Cache Corruption May 14, 2026
• May 2026 Patch Tuesday: 138 CVEs Including Critical Zero-Click Outlook Flaw CVE-2026-40361 May 13, 2026
• Unit 42 Unpacks AD CS Escalation: Template Misconfigs, Shadow Credentials, and Detection Guidance May 11, 2026
• cPanel and WHM Patch Three Vulnerabilities Including RCE and Privilege Escalation May 9, 2026
• Dirty Frag Linux Zero-Day Gives Root on All Major Distributions May 8, 2026
• CloudZ RAT Abuses Windows Phone Link to Steal Credentials and Bypass 2FA May 6, 2026
• 'Copy Fail' Linux Flaw Hits CISA KEV as Active Exploitation Begins May 4, 2026
• Critical cPanel and WHM Auth Bypass CVE-2026-41940 Exploited as Zero-Day Since February Apr 30, 2026
• Linux 'Copy Fail' CVE-2026-31431 Enables Root on All Major Distros Since 2017 Apr 30, 2026
• Microsoft Patches Entra ID AI Agent Role That Enabled Service Principal Takeover Apr 27, 2026
• 15-Year-Old OpenSSH Flaw Allowed Full Root Shell Access via Certificate Principal Parsing Bug Apr 27, 2026
• Microsoft Defender Zero-Day Exploited to Dump NTLM Hashes and Gain SYSTEM Privileges Apr 23, 2026
• Microsoft Issues Emergency Out-of-Band Patches for Critical ASP.NET Core Privilege Escalation Apr 22, 2026
• Windows Zero-Days Leaked, Now Actively Exploited for SYSTEM Privileges Apr 16, 2026
• Palo Alto Networks and SonicWall Patch High-Severity Privilege Escalation Bugs Apr 9, 2026
• AWS Bedrock AgentCore Flaw Enables "Agent God Mode" via IAM Privilege Escalation Apr 8, 2026