Last updated: July 5, 2026 at 9:01 AM UTC
Tag: zero-day (31 articles)

Microsoft ships mitigation for YellowKey BitLocker bypass (CVE-2026-45585), no patch yet - PoC published, TPM+PIN required

Microsoft has assigned CVE-2026-45585 and shipped mitigation guidance for YellowKey, a Windows BitLocker bypass that anonymous researcher 'Nightmare Eclipse' disclosed last week with a working PoC. The attack places crafted FsTx files on a USB drive or EFI partition, reboots into WinRE, and holds CTRL during boot to drop into a shell with full access to BitLocker-protected drives. Microsoft says no patch is available yet. Mitigations include removing the autofstx.exe entry from Session Manager's BootExecute and reconfiguring BitLocker to require TPM+PIN at startup. Nightmare Eclipse is the same researcher who recently dropped BlueHammer, RedSun, GreenPlasma, UnDefend, and MiniPlasma.

Check
Inventory Windows endpoints with BitLocker enabled. Check whether autofstx.exe is listed in the BootExecute value under HKLM\System\CurrentControlSet\Control\Session Manager. Look for unattended USB media access on shared or kiosk machines.
Affected
Windows endpoints with BitLocker in TPM-only mode (no PIN). YellowKey requires physical access to drop FsTx files on a USB drive or the EFI partition before triggering WinRE boot.
Fix
Remove autofstx.exe from BootExecute and re-establish BitLocker trust for WinRE per the CVE-2026-33825 advisory. Reconfigure BitLocker to TPM+PIN. Restrict USB boot and BIOS access on shared endpoints.

MiniPlasma Windows zero-day: working PoC gives SYSTEM on fully patched Windows 11 via cldflt.sys driver

A researcher who goes by Chaotic Eclipse has dropped working proof-of-concept code on GitHub for a Windows local privilege escalation that gives SYSTEM access on fully patched Windows 11 Pro and Windows Server 2025. The bug lives in the Cloud Filter driver cldflt.sys and is, the researcher says, the same flaw Google Project Zero reported to Microsoft as CVE-2020-17103 in 2020, which Microsoft said it fixed in December 2020. The original Google PoC works unmodified. May 2026 Patch Tuesday updates do not stop it. The same researcher has dropped several other Windows zero-days in recent weeks, all of which were quickly seen in real attacks.

Check
Inventory Windows 11 and Server 2022/2025 endpoints. Hunt in the SIEM for unexpected SYSTEM-context cmd.exe spawns and for processes launched from standard user sessions that interact with cldflt.sys.
Affected
Microsoft Windows 11 Pro and Windows Server 2025 with May 2026 Patch Tuesday updates applied. The researcher claims all Windows versions are likely affected.
Fix
No patch available. Block execution of the public MiniPlasma binary by hash in EDR. Tighten local user privileges and restrict admin sessions on multi-user endpoints until Microsoft ships a fix.

Pwn2Own Berlin Day 3: DEVCORE wins Master of Pwn ($505K), SharePoint falls in 2-bug chain, $1.298M total

The Pwn2Own Berlin 2026 contest wrapped up Saturday at OffensiveCon, paying out $1,298,250 for 47 unique zero-days across three days. Taiwan's DEVCORE took the Master of Pwn title with 50.5 points and $505,000 in winnings. The headline Day 3 result came from DEVCORE researcher splitline, who chained two bugs into a successful exploit of Microsoft SharePoint, earning $100,000 and 10 points. SharePoint had survived a failed Rapid7 attempt on Day 2, making this a notable late-contest catch. Day 3 also saw attempts against VMware ESXi, Windows 11, Red Hat Enterprise Linux, and OpenAI Codex. All disclosed bugs now enter ZDI's 90-day disclosure window.

Check
Subscribe to the ZDI advisory feed at zerodayinitiative.com/advisories. Identify SharePoint, VMware ESXi, Windows 11, RHEL, and Codex deployments that may need urgent patches over the next 90 days.
Affected
Microsoft SharePoint, VMware ESXi, Windows 11, Red Hat Enterprise Linux, and OpenAI Codex - all targeted at Pwn2Own Berlin 2026 (47 unique zero-days disclosed May 14-16).
Fix
Apply vendor patches the moment ZDI advisories ship and fixes land. Prioritize internet-facing SharePoint and ESXi instances. Until then, restrict access to management interfaces.

Microsoft Exchange OWA zero-day actively exploited via crafted email, no patch yet (CVE-2026-42897)

Just two days after a 138-fix Patch Tuesday that listed no zero-days, Microsoft disclosed CVE-2026-42897, an Exchange Server XSS-to-spoofing flaw it has tagged 'Exploitation Detected.' The bug is rated CVSS 8.1 and reported by an anonymous researcher. An unauthenticated attacker emails a crafted message; if the victim opens it in Outlook Web Access and meets certain interaction conditions, arbitrary JavaScript runs in the browser session context, enabling spoofing and session abuse. On-prem Exchange Server 2016, 2019, and Subscription Edition are affected; Exchange Online is not. No permanent patch exists yet, only mitigation through the Exchange Emergency Mitigation Service.

Check
Inventory all on-prem Exchange Server 2016, 2019, and Subscription Edition instances. Check that the Exchange EM Service is enabled and that the May 14 mitigation shows 'Applied'. Review OWA web access logs for unusual JavaScript-triggering email opens and crafted-message indicators.
Affected
Microsoft Exchange Server 2016 CU23, Exchange Server 2019 CU14 and CU15, and Exchange Server Subscription Edition RTM. Exchange Online customers are not affected. Risk is highest for internet-facing OWA deployments.
Fix
Confirm Exchange Emergency Mitigation Service is enabled (default since Sep 2021) and 'Applied' for CVE-2026-42897. If disabled, run EOMT.ps1 with the CVE flag. Permanent updates are coming for SE RTM, 2016 CU23, and 2019 CU14/CU15.
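The Check and Fix steps above come down to two questions an Exchange admin can answer from the Exchange Management Shell: is the Emergency Mitigation (EM) service enabled at the organization level, and what does each on-prem server report as applied or blocked. The script below is an added example and is not part of the original article or Microsoft's EOMT tooling. It uses the MitigationsEnabled, MitigationsApplied and MitigationsBlocked properties that Exchange exposes on Get-OrganizationConfig and Get-ExchangeServer, and the MSExchangeMitigation Windows service name. The article does not give the mitigation identifier that corresponds to CVE-2026-42897, so the script lists every applied mitigation and leaves the match to Microsoft's advisory rather than assuming an ID.

```powershell
# Added example (not from the original article or from Microsoft): report EM service
# state for every on-prem Exchange server. Run from the Exchange Management Shell.
# Read-only; nothing here applies or removes a mitigation.

# Organization-wide switch. If this is $false, no server applies mitigations
# automatically regardless of the per-server setting.
$org = Get-OrganizationConfig
if (-not $org.MitigationsEnabled) {
    Write-Warning 'EM service is disabled at the organization level; mitigations will not be applied automatically.'
}

# Per-server view. Mailbox servers run the EM service; Edge Transport does not.
$report = Get-ExchangeServer |
    Where-Object { $_.IsMailboxServer } |
    ForEach-Object {
        # The Windows service itself; a stopped service means the mitigation loop is not running
        # on that host even when the org and server flags say enabled. Service query may fail
        # for remote hosts without WinRM, so it is best-effort.
        $svc = Get-Service -ComputerName $_.Name -Name MSExchangeMitigation -ErrorAction SilentlyContinue

        [pscustomobject]@{
            Server              = $_.Name
            AdminDisplayVersion = $_.AdminDisplayVersion
            MitigationsEnabled  = $_.MitigationsEnabled
            ServiceStatus       = if ($svc) { $svc.Status } else { 'unknown' }
            MitigationsApplied  = ($_.MitigationsApplied -join ', ')
            MitigationsBlocked  = ($_.MitigationsBlocked -join ', ')
        }
    }

$report | Format-Table -AutoSize

# Servers that cannot be covered by EM mitigations and need manual follow-up (EOMT.ps1
# per Microsoft's guidance, or the permanent update when it ships).
$report | Where-Object { -not $_.MitigationsEnabled -or $_.ServiceStatus -ne 'Running' } |
    ForEach-Object { Write-Warning "EM mitigation not active on $($_.Server)" }
```

Compare the MitigationsApplied column against the mitigation ID Microsoft publishes for CVE-2026-42897; a server where the ID appears under MitigationsBlocked has had that mitigation explicitly excluded by an administrator, which is worth reviewing before relying on it.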

Pwn2Own Berlin Day 2: Microsoft Exchange falls to Orange Tsai's $200K chain, event total tops $908K

The second day of Pwn2Own Berlin 2026 added $385,750 across 15 unique zero-days, bringing the running total to $908,750 across 39 zero-days. The headline was Orange Tsai of DEVCORE chaining three bugs to gain SYSTEM-level remote code execution on Microsoft Exchange Server, taking the $200,000 top prize and pushing his event total past $375,000. Other day-two wins included a Windows 11 integer-overflow LPE, a Red Hat Enterprise Linux for Workstations root, a use-after-free in NVIDIA Container Toolkit, and AI-category exploits against LM Studio, Cursor, OpenAI Codex, and Anthropic Claude Desktop (the last as a collision with a previously known bug).

Check
Track Zero Day Initiative advisories over the next 90 days for the day-two Exchange chain (separate from CVE-2026-42897), Windows 11 LPE, RHEL Workstations escalation, NVIDIA Container Toolkit UAF, and the AI category bugs.
Affected
Fully patched Microsoft Exchange Server, Windows 11, Red Hat Enterprise Linux for Workstations, NVIDIA Container Toolkit, LM Studio, Cursor IDE, OpenAI Codex, and Anthropic Claude Desktop. CVEs not yet assigned; 90-day patching window.
Fix
Pre-stage update windows for Exchange Server, Windows 11, RHEL Workstations, and the AI developer tools listed. Where Cursor, Codex, and Claude Desktop run unsupervised, restrict outbound egress and code-execution scope until patches land.

Second maximum-severity Cisco Catalyst SD-WAN auth bypass exploited as a zero-day by sophisticated UAT-8616 actor - CISA gives federal agencies until May 17 to patch (CVE-2026-20182)

Cisco disclosed and patched a second perfect-score authentication bypass in its Catalyst SD-WAN Controller and Manager (formerly vSmart and vManage). The bug, CVE-2026-20182 (CVSS 10.0), was found by Rapid7 while investigating the earlier CVE-2026-20127 wave, and lives in the same vdaemon service over DTLS port 12346. An unauthenticated attacker can become a trusted peer of the controller, log in as a privileged internal account, hit the NETCONF interface, and rewrite the entire SD-WAN fabric. Cisco Talos already attributes limited in-the-wild exploitation to UAT-8616, an actor with operational-relay-box ties that has been targeting Cisco SD-WAN since 2023.

Check
Identify on-prem and cloud Cisco Catalyst SD-WAN Controller and Manager instances, compare any successful peer IPs to the configured System IPs under WebUI > Devices > System IP, and open a Cisco TAC case for unknown peers.
Affected
Cisco Catalyst SD-WAN Controller (formerly vSmart) and Cisco Catalyst SD-WAN Manager (formerly vManage) in on-prem and Cisco-managed SD-WAN Cloud deployments. Maximum severity (CVSSv3 10.0).
Fix
Upgrade to the fixed releases listed in Cisco advisory cisco-sa-sdwan-rpa2-v69WY2SW immediately - CISA Emergency Directive 26-03 set the federal deadline at May 17, 2026. Restrict internet exposure of UDP/12346 to trusted peers only.

Pwn2Own Berlin Day 1: $523,000 paid for 24 zero-days - Microsoft Edge sandbox escape, three Windows 11 privilege escalations, Red Hat root, and LiteLLM, OpenAI Codex, and NVIDIA software all fall

Day one of the Pwn2Own Berlin 2026 hacking contest at OffensiveCon paid out $523,000 across 24 unique zero-days, with Trend Micro's Zero Day Initiative reporting wins against fully patched Microsoft Edge, Windows 11, Red Hat Enterprise Linux for Workstations, NVIDIA Container Toolkit and Megatron Bridge, OpenAI Codex, and LiteLLM. Orange Tsai's four-bug logic chain that escaped the Edge sandbox took the biggest single prize at $175,000. An Anthropic Claude Code entry was ruled a collision (the bug was already known to the vendor). Each affected vendor now has 90 days to ship a fix before ZDI publishes technical details.

Check
Inventory exposure to the targeted products (Edge, Windows 11, RHEL Workstations, NVIDIA Container Toolkit, LiteLLM, OpenAI Codex, Mozilla Firefox) and prepare an accelerated patch window for the next 90 days.
Affected
Fully patched Microsoft Edge, Windows 11, Red Hat Enterprise Linux for Workstations, NVIDIA Container Toolkit, NVIDIA Megatron Bridge, OpenAI Codex, LiteLLM. CVEs are not yet assigned; vendors have 90 days from May 14 to ship fixes.
Fix
Subscribe to ZDI advisory notifications and upstream vendor security feeds. As patches land over the next 90 days, prioritize Edge and Windows 11 LPE fixes - sandbox escapes plus local privilege escalations chain directly into endpoint takeover.

Unpatched Windows BitLocker bypass and SYSTEM elevation PoCs dropped on GitHub by a disgruntled researcher - YellowKey and GreenPlasma hit Windows 11 and Server 2022/2025

A researcher who calls themselves Chaotic Eclipse - and who has weaponized every prior Windows flaw they have leaked this year - dropped working proof-of-concept code for two unpatched zero-days on May 12. YellowKey lets anyone with physical access to a Windows 11 or Server 2022/2025 machine plug in a USB stick, hold CTRL during a reboot into the Windows Recovery Environment, and get a shell with full access to the BitLocker-protected drive. GreenPlasma is a privilege escalation against the CTFMON service that hands an unprivileged user a path to SYSTEM. Independent researchers including Will Dormann and Kevin Beaumont have confirmed that YellowKey works as advertised.

Check
Inventory which Windows 11, Server 2022, and Server 2025 endpoints have BitLocker in TPM-only mode (the default on most consumer hardware), and identify machines that ever leave secured premises.
Affected
Windows 11 and Windows Server 2022/2025 with BitLocker in TPM-only mode. Windows 10 is unaffected. GreenPlasma privilege escalation hits Windows 11 and Server 2022/2025.
Fix
No patch yet. Switch BitLocker from TPM-only to TPM+PIN, set a BIOS or UEFI admin password, and disable USB boot in firmware. Watch for a Microsoft out-of-band release before next Patch Tuesday.
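Both YellowKey entries on this page (the one above and the Microsoft mitigation entry near the top) reduce to the same two endpoint checks: is autofstx.exe still in Session Manager's BootExecute, and does the OS volume unlock with a TPM-only protector. The script below is an added example, not code from the original articles or from Microsoft; it audits one endpoint for both conditions and, only when `$Remediate` is set, applies the two fixes the articles describe (drop the autofstx.exe entry from BootExecute and move the OS volume from TPM-only to TPM+PIN). The registry path and value name are the ones the first entry gives; the BitLocker cmdlets and KeyProtectorType values (Tpm, TpmPin, TpmPinStartupKey) are standard Windows ones. Run in an elevated PowerShell session on the endpoint.

```powershell
# Added example (not from the original articles or from Microsoft): audit a Windows endpoint
# for the two YellowKey preconditions named in the articles and optionally remediate.
# Leave $Remediate at $false to report only.
$Remediate = $false

$sessionManager = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'

# BootExecute is a REG_MULTI_SZ; each element is one native program run at boot.
$bootExecute     = (Get-ItemProperty -Path $sessionManager -Name BootExecute -ErrorAction Stop).BootExecute
$autofstxEntries = @($bootExecute | Where-Object { $_ -match 'autofstx' })

# Key protectors on the operating-system volume. A volume whose TPM protector carries no PIN
# unlocks with no user interaction, which is the configuration the articles call exposed.
$osVolume       = Get-BitLockerVolume | Where-Object { $_.VolumeType -eq 'OperatingSystem' }
$protectorTypes = @($osVolume.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })
$hasPin         = ('TpmPin' -in $protectorTypes) -or ('TpmPinStartupKey' -in $protectorTypes)
$tpmOnly        = ([string]$osVolume.ProtectionStatus -eq 'On') -and ('Tpm' -in $protectorTypes) -and (-not $hasPin)

[pscustomobject]@{
    ComputerName       = $env:COMPUTERNAME
    BootExecute        = ($bootExecute -join '; ')
    AutofstxInBootExec = ($autofstxEntries.Count -gt 0)
    BitLockerStatus    = $osVolume.ProtectionStatus
    KeyProtectors      = ($protectorTypes -join ', ')
    TpmOnly            = $tpmOnly
    Exposed            = ($autofstxEntries.Count -gt 0) -and $tpmOnly
} | Format-List

if (-not $Remediate) { return }

# Fix 1: drop the autofstx.exe entry, keeping every other BootExecute element (e.g. autochk).
if ($autofstxEntries.Count -gt 0) {
    $cleaned = @($bootExecute | Where-Object { $_ -notmatch 'autofstx' })
    Set-ItemProperty -Path $sessionManager -Name BootExecute -Value $cleaned -Type MultiString
}

# Fix 2: add a TPM+PIN protector, then remove the bare TPM protector so TPM-only unlock no
# longer exists. Adding a PIN protector requires the BitLocker startup-authentication
# policy to permit PINs; if it does not, Add-BitLockerKeyProtector fails and the TPM
# protector is left in place so the machine still boots.
if ($tpmOnly) {
    $pin = Read-Host -Prompt 'New BitLocker startup PIN' -AsSecureString
    Add-BitLockerKeyProtector -MountPoint $osVolume.MountPoint -TpmAndPinProtector -Pin $pin -ErrorAction Stop | Out-Null
    $osVolume.KeyProtector |
        Where-Object { [string]$_.KeyProtectorType -eq 'Tpm' } |
        ForEach-Object { Remove-BitLockerKeyProtector -MountPoint $osVolume.MountPoint -KeyProtectorId $_.KeyProtectorId | Out-Null }
}
```

Confirm a recovery password protector exists and is escrowed (it shows as RecoveryPassword in the KeyProtectors line) before running with `$Remediate = $true`; removing the TPM protector after a failed PIN enrollment would otherwise leave the volume recoverable only from that key.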

Google says hackers used AI to build first known zero-day for 2FA bypass in unnamed web admin tool

Google's Threat Intelligence Group says it caught the first known case of a real attacker using a large language model to find and weaponize a zero-day - a 2FA bypass in a popular but unnamed open-source web-based system administration tool. Google has high confidence the Python exploit was AI-generated, citing textbook code structure, abundant educational docstrings, and a hallucinated CVSS score in the script. The flaw was a high-level logic bug, the kind LLMs excel at spotting, rather than a memory corruption issue. Google rules out Gemini and warns that AI-assisted exploit development is being industrialized via account-pooling and proxy relays for premium models.

Check
Audit open-source web-based system administration tools your team self-hosts (Webmin, Cockpit, ISPConfig, etc.). Check whether 2FA is the only barrier protecting admin access, and review recent admin logins for anomalies.
Affected
The specific affected product remains undisclosed; Google notified the developer and the attack was disrupted before mass exploitation. Generally, any popular open-source web-based system administration tool whose 2FA implementation relies on a semantic logic check rather than tightly bound session validation is exposed to this class of AI-discovered logic bug.
Fix
Wait for vendor disclosure when Google's reporting names the product. In the meantime, layer additional controls in front of any web admin panel: place it behind a VPN or zero-trust gateway, require source-IP allowlisting, and rotate admin credentials. Treat 2FA-only protection on internet-exposed admin tools as a single point of failure regardless of the vendor.

Ivanti EPMM zero-day actively exploited - attackers are getting admin-level RCE on mobile device management servers (CVE-2026-6973)

Ivanti disclosed Wednesday that attackers are exploiting a zero-day in Endpoint Manager Mobile (EPMM), tracked as CVE-2026-6973, to gain admin-level remote code execution on enterprise MDM servers. Successful exploitation gives the attacker control over the MDM platform that pushes apps and configurations to managed mobile fleets - a foothold that can pivot into managed devices and the corporate identity layer. CISA added the flaw to its Known Exploited Vulnerabilities catalog the same day with a federal patch deadline next week. Ivanti products have a long history of zero-day exploitation.

Check
Inventory Ivanti EPMM (formerly MobileIron Core) instances and check whether any are internet-reachable. Hunt EPMM admin logs for unusual admin actions, new admin accounts, or unfamiliar OAuth tokens issued since April.
Affected
Ivanti Endpoint Manager Mobile (EPMM) installations on versions before the May 6 patch. Acute risk for internet-reachable EPMM instances. The MDM context means a successful exploit can push tampered apps or profiles to every managed mobile device. Federal agencies under BOD 22-01 must patch by mid-May.
Fix
Upgrade Ivanti EPMM to the patched release per Ivanti's advisory. Restrict EPMM admin access to internal networks or VPN-only paths until patched. Rotate EPMM admin credentials and any API tokens issued for downstream integrations (SCEP, certificate authorities, identity providers). Audit managed mobile devices for unfamiliar configuration profiles or VPN configurations pushed since April.