#privilege escalation
23 stories tagged privilege escalation.

DirtyClone: New Linux Kernel Flaw Hands Unprivileged Users the Root Keys
A page-cache manipulation bug related to DirtyFrag lets local, unprivileged attackers escalate to root — no credentials required beyond a shell.

Linux act_pedit OOB Write Poisons Page Cache, Hands Local Users Root
CVE-2026-46331 weaponizes a traffic-control bug to overwrite cached binaries. Working PoC dropped a day after disclosure.

DirtyClone: New DirtyFrag-Family Kernel Bug Hands Local Users Root
CVE-2026-43503 (CVSS 8.8) corrupts file-backed memory through a cloned skb. A working PoC is now public.

Briefing: Apple Fixes Beats Bug, GCP Config Connector Flaw Enables Account Takeover, Velvet Ant's Decade in the Shadows
A Bluetooth eavesdropping patch, a quietly dangerous GCP misconfiguration vulnerability, and a threat actor that spent ten years undetected — here's what you may have missed.

Microsoft Acknowledges 'RoguePlanet' Defender Zero-Day, Patch Still in the Works
CVE-2026-50656 is a privilege escalation bug in the Malware Protection Engine — the component sitting at the heart of every Defender install.

Cisco's SD-WAN Manager Has a Write-to-Root Problem — and Attackers Found It First
CVE-2026-20262 lets an authenticated attacker overwrite arbitrary files on Cisco Catalyst SD-WAN Manager, with a clear path to root. No workaround exists. Exploitation is already underway.

CISA Adds LiteSpeed cPanel Plugin Bug to KEV After In-the-Wild Exploitation
CVE-2026-54420 (CVSS 8.5) lets attackers escalate to root on hosts running the LiteSpeed cPanel plugin. Federal agencies have until June 18, 2026 to patch.

Three-Bug Chain Turns Any LiteLLM User Into Root on the AI Gateway
A default low-privilege account on the popular open-source LLM proxy can escalate to admin and execute code, exposing every provider key the gateway holds.

RoguePlanet Zero-Day Drops as Nightmare Eclipse–Microsoft Feud Reaches New Low
A race-condition bug in Microsoft Defender can yield a SYSTEM shell on fully patched Windows 11 and 10. No patch exists. The researcher dropped it the day after June Patch Tuesday.

Microsoft's October Dump: 206 CVEs, Three Already Public
A record Patch Tuesday hauls in 39 Critical bugs and a trio of zero-days that were knocking around before the fix shipped.

RoguePlanet PoC Drops: Another Defender Race Condition, Another Path to SYSTEM
An anonymous researcher publishing as Chaotic Eclipse dropped a proof-of-concept against Microsoft Defender that wins SYSTEM on fully patched Windows — when the race goes their way.

Cisco SD-WAN Manager Has an Unpatched Privilege-Escalation Flaw Under Active Exploitation
A command-injection bug in Catalyst SD-WAN Manager is already being used in the wild. No patch exists yet — and a known espionage group may be involved.

Public Exploit Drops for nf_tables UAF: CVE-2026-23111 Gives Local Root, Container Escape
Exodus Intelligence published a full walkthrough four months after the upstream patch. The kernel bug is a one-liner. The exploit is not.

Fuel, Chemicals, Food: CISA Warns ATG Attacks Can Drain Tanks Silently
Hardcoded credentials and unauthenticated command execution leave automated tank gauges wide open. The fix list is embarrassingly short.

Privilege Escalation Attacks Hit Kirki and Burst Statistics WordPress Plugins
Threat actors are actively exploiting flaws in two widely-used WordPress plugins to grab admin access and seize site control.