#privilege-escalation
23 articles
Twenty-eight articles published between April 13 and May 20, 2026, cover the privilege-escalation tag, with a severity mix of three medium, twenty-one high, and four critical reports. The threat actor Chaotic Eclipse was observed in these incidents. Key vulnerabilities include CVE-2026-8950, CVE-2026-8956, and CVE-2026-8957, each with a CVSS score of 9.8, alongside CVE-2026-34659 and CVE-2026-34660, both scoring 9.6. Affected sectors span enterprise, technology, education, government, and healthcare, with impacts reported globally and across North America.
MEDIUMCVE-2026-8957: Mozilla Patches Privilege Escalation in Enterprise
CVE-2026-8957 (CVSS 6.5) allows privilege escalation in Firefox's Enterprise Policies component. Mozilla fixed it in Firefox 151 and ESR 140.11.
HIGHVMware Fusion TOCTOU Flaw CVE-2026-41702 Lets Local Users Escalate to
Broadcom patched a high-severity TOCTOU vulnerability in VMware Fusion (CVE-2026-41702) that lets local non-admin users escalate privileges to root on macOS systems.
MEDIUMPalo Alto Patches Prisma Access Agent Flaws: Cert Validation, LPE
Palo Alto Networks released patches for two medium-severity flaws in Prisma Access Agent — CVE-2026-0248 (improper certificate validation) and CVE-2026-0246 (local privilege...
CRITICALAdobe Patches 52 Flaws Across 10 Products, Two Critical in Connect
Adobe's May 2026 patch batch fixes 52 CVEs across 10 products; Adobe Connect gets two critical bugs (CVE-2026-34659, 9.6 CVSS for RCE; CVE-2026-34660, 9.3 CVSS for privilege...
CRITICALMicrosoft Patches 137 Flaws, SSO Plugin Bug Rated Critical
CVE-2026-41103 in Microsoft SSO Plugin for Jira & Confluence allows privilege escalation via flawed authentication.
HIGHDirty Frag Linux Flaws Let Unprivileged Users Gain Root, Escape
CVE-2026-43284 and CVE-2026-43500 in the Linux kernel's networking code allow unprivileged users to gain root and escape containers. Exploit published after embargo broke.
HIGHMOVEit Automation CVE-2026-5174 Raises Patch Urgency After Cl0p History
CVE-2026-5174 is a high-severity MOVEit Automation privilege-escalation flaw. No APT or Cl0p exploitation is confirmed, but the 2023 MOVEit compromise history makes rapid patching urgent.
HIGHBHIS Pentest Data: Same Top Flaws Plague Orgs in 2025
Black Hills InfoSec's 2025 pentest analysis of 15 months of data shows the same top 10 vulnerabilities as 2022 — weak passwords, unpatched RDP, and misconfigured MFA remain…
HIGHLinux 'Copy Fail' LPE CVE-2026-31431 Lets Local Users Gain Root
CVE-2026-31431 (CVSS 7.8) dubbed 'Copy Fail' lets unprivileged local users write four controlled bytes to any readable file's page cache, enabling root on major Linux…
HIGHOracle VirtualBox Race Condition Lets Attackers Escalate Privileges
CVE-2026-35230: A race condition in VirtualBox's SoundBlaster 16 emulation allows local attackers with high-privileged guest access to escalate privileges. CVSS 7.5.
CRITICALMicrosoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege
Microsoft released out-of-band patches for CVE-2026-40372, a 9.1-CVSS privilege escalation flaw in ASP.NET Core affecting all supported versions.
HIGHAI Agent Authority Gap Creates New Enterprise Security Blind Spots
The Hacker News reports AI agents create a structural security gap: delegated actors lack continuous oversight, enabling lateral movement and privilege escalation without human…
HIGHDocker Desktop ECI Flaw CVE-2026-6406 Lets Attackers Escalate
CVE-2026-6406 (CVSS 8.8) in Docker Desktop's Enhanced Container Isolation allows local attackers with low-privileged code execution inside a container to escalate privileges on…
HIGHSamsung MagicINFO 9 Server Local Privilege Escalation Vulnerability Patched
CVE-2026-25203, a CVSS 7.8 local privilege escalation flaw in Samsung MagicINFO 9 Server, allows authenticated attackers to gain SYSTEM privileges by exploiting incorrect default permissions on a service.
HIGHAvast Premium Security Driver Vulnerability Enables Local Privilege Escalation
CVE-2026-5424, a flaw in Avast Premium Security's self-protection driver, allows local attackers to escalate to SYSTEM privileges. The Zero Day Initiative assigned a CVSS score of 7.8 to the vulnerability.
HIGHDriveLock Privilege Escalation Flaw Allows Attackers to Bypass Security
A critical SQL injection vulnerability (CVE-2026-5490) in DriveLock endpoint security software allows authenticated attackers to escalate privileges and bypass the product's own security controls, according to the Zero Day Initiative.
HIGHLinux Kernel ETS Scheduler Race Condition Enables Local Privilege Escalation
A race condition vulnerability (CVE-2025-71066) in the Linux kernel's ETS scheduler can allow local attackers to escalate privileges to root, earning a CVSS score of 7.5 from the Zero Day Initiative.
HIGHMicrosoft Patches Windows win32kfull Local Privilege Escalation Vulnerability
Microsoft has patched a local privilege escalation vulnerability (CVE-2026-33104) in the Windows win32kfull driver, which could allow authenticated attackers to gain SYSTEM privileges. The flaw was disclosed by the Zero Day Initiative.
HIGHMicrosoft vcpkg OpenSSL Vulnerability Enables Local Privilege Escalation
A vulnerability (CVE-2026-34054) in the Microsoft vcpkg port of OpenSSL allows local attackers to escalate privileges on affected systems, earning a CVSS score of 7.8.
HIGHMicrosoft Windows Secure Kernel Double Free Vulnerability Enables Local
A double-free vulnerability (CVE-2026-26179) in the Microsoft Windows Secure Kernel allows local attackers to escalate privileges, potentially to SYSTEM. The flaw, rated 7.5 CVSS, requires an attacker to first execute high-privileged code.
HIGHMicrosoft Patches Defender Zero-Day Allowing Local Privilege Escalation
Microsoft patches CVE-2026-33825, an 'Important' zero-day flaw in the Microsoft Defender Antimalware Platform that allows local attackers to escalate privileges to SYSTEM. The vulnerability was publicly disclosed on April 14, 2026.
HIGHSigned Adware Tool Disables Antivirus with SYSTEM Privileges
A digitally signed adware tool, 'PC App Store', has been abused to deploy scripts that disable antivirus software with SYSTEM privileges, impacting thousands of endpoints in sectors like education and government.
HIGHCVE-2024-38112: BlueHammer PoC Escalates Windows to SYSTEM
Researcher Chaotic Eclipse published a PoC for CVE-2024-38112, a Windows zero-day that grants local SYSTEM privileges, citing MS disclosure failures.
Stay Updated
Get the latest cybersecurity news delivered to your inbox.