All CosmicBytez Labs articles tagged #Privilege Escalation, across news, security advisories, how-to guides, and projects.
An incorrect permission assignment vulnerability in Fujitsu ServerView Agents for Windows V11.60.04 and earlier allows a local authenticated attacker to escalate privileges to SYSTEM on the affected server.
The Kirki Freeform Page Builder plugin for WordPress (versions 6.0.0–6.0.6) allows unauthenticated attackers to take over any user account during password reset by accepting an arbitrary email address, enabling full privilege escalation. CVSS 9.8.
A critical unauthenticated privilege escalation flaw in WP Maps Pro for WordPress (CVSS 9.8) allows attackers to create administrator accounts without...
CISA has added a LiteSpeed cPanel plugin zero-day to its Known Exploited Vulnerabilities catalog after active exploitation allowed attackers to execute scripts.
A critical symlink validation flaw in KubeVirt's virt-handler lets authenticated OpenShift users with edit access in a single namespace escalate to arbitrary.
A maximum-severity vulnerability in the LiteSpeed User-End cPanel Plugin, tracked as CVE-2026-48172 with a CVSS score of 10.0, is under active...
Microsoft has disclosed two Windows Defender vulnerabilities under active exploitation in the wild, including CVE-2026-41091 — a privilege escalation flaw...
A CVSS 10.0 authentication bypass in Cisco Secure Workload allows unauthenticated remote attackers to access internal REST APIs with full Site Admin privileges.
A new Windows kernel privilege escalation zero-day dubbed MiniPlasma, released by researcher Chaotic Eclipse, grants SYSTEM-level access on fully patched...
A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed MiniPlasma that lets attackers gain...
A missing WordPress capability check in the AI Engine plugin's MCP OAuth bearer-token path allows any authenticated user to escalate privileges to...
A security researcher has publicly released two unpatched Windows zero-day exploits: YellowKey, a BitLocker bypass requiring physical access, and...
An anonymous researcher has publicly disclosed two new unpatched Windows zero-days — YellowKey enabling BitLocker bypass and GreenPlasma targeting CTFMON...
A cybersecurity researcher has published proof-of-concept exploits for two unpatched Windows vulnerabilities — YellowKey (BitLocker bypass) and...
TheCartPress WordPress plugin 1.5.3.6 allows unauthenticated attackers to register new administrator accounts by exploiting the AJAX handler with a...
A new unpatched Linux zero-day exploit dubbed 'Dirty Frag' allows local attackers to gain root privileges on virtually all major Linux distributions with...
A high-severity security bypass in Argo Workflows (CVSS 8.1) allows users with Workflow creation permissions to escape templateReferencing: Strict mode,...
The U.S. Cybersecurity and Infrastructure Security Agency has added CVE-2026-31431, a Linux kernel privilege escalation flaw enabling root access, to its...
A Linux Kernel vulnerability involving incorrect resource transfer between spheres has been added to CISA's Known Exploited Vulnerabilities catalog,...
A critical heap buffer overflow in FreeBSD's libnv library allows an unprivileged program to write outside heap allocation bounds during message header...
Dell iDRAC10 versions 1.20.70.50 and 1.30.05.10 contain a race condition vulnerability allowing authenticated low-privileged attackers to gain elevated...
A newly disclosed vulnerability in the PackageKit daemon, dubbed Pack2TheRoot, allows local Linux users to escalate privileges to root by abusing the...
A critical CVSS 9.9 elevation of privilege vulnerability in Azure IoT Central allows an authenticated attacker to escalate privileges over a network by...
A critical SQL injection vulnerability in Saltcorn's mobile-sync routes allows any authenticated low-privilege user with read access to a single table to...
A critical privilege escalation vulnerability in Microsoft Partner Center allows an authorized attacker to elevate their privileges over a network,...
A critical privilege escalation flaw in OpenXiangShan NEMU's RISC-V hypervisor extension allows a VS-mode guest write to the supervisor interrupt-enable...
A high-severity insufficiently protected credentials vulnerability in Dell PowerProtect Data Domain BoostFS allows low-privileged local attackers to...
A high-severity SQL injection vulnerability in WeGIA, a web manager for charitable institutions, allows authenticated attackers to escalate privileges by...
Threat actors are actively exploiting three recently disclosed Windows security vulnerabilities that allow attackers to gain SYSTEM or elevated...
Huntress is warning that threat actors are actively exploiting three privilege escalation vulnerabilities in Microsoft Defender — codenamed BlueHammer,...
An authorization flaw in Juju's Controller facade allows any authenticated low-privilege user to call the CloudSpec API and extract the cloud provider...
A critical CVSS 9.1 vulnerability in Canonical LXD before 6.8 allows authenticated attackers to bypass project restrictions during backup import. The...
A bypass of the CVE-2024-27297 patch in the Nix package manager allows attackers to follow symlinks during fixed-output derivation builds, enabling...
A high-severity privilege escalation flaw in Kibana's Fleet plugin debug route handlers allows authenticated users with limited Fleet sub-feature...
A critical privilege escalation vulnerability in the Users Manager – PN WordPress plugin (v1.1.15 and below) allows unauthenticated attackers to update...
A critical vulnerability (CVSS 9.8) in parisneo/lollms v2.1.0 allows attackers to brute-force the application's JWT secret key offline, forge...
A security researcher operating under the aliases 'Chaotic Eclipse' and 'Nightmare-Eclipse' has publicly released exploit code for an unpatched Windows...
Researchers from the University of Toronto have demonstrated GPUBreach, a novel attack that induces Rowhammer bit-flips in GPU GDDR6 memory to bypass...
A critical server-side request forgery vulnerability in Azure Custom Locations Resource Provider allows an authorized attacker to elevate privileges over...
Cisco has released security advisories addressing a batch of critical and high-severity vulnerabilities across multiple products, covering flaws that...
A critical CVSS 9.8 vulnerability in OpenClaw allows attackers to replay a valid bootstrap setup code multiple times before approval, escalating device...
A critical CVSS 9.9 privilege escalation vulnerability in OpenClaw allows operators with limited pairing scope to mint tokens with unrestricted admin...
The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to 1.29.7, allowing authenticated...
A critical CVSS 9.9 authorization bypass in OpenClaw allows authenticated users to self-declare elevated scopes over WebSocket connections without...
A critical privilege escalation vulnerability (CVSS 9.1) in Wazuh versions 3.9.0–4.14.2 allows authenticated cluster nodes to overwrite the manager...
ZKTeco ZKTime.Net 3.0.1.6 ships with world-writable directory permissions on its installation folder, allowing any local unprivileged user to replace...
A critical CVSS 9.9 vulnerability in Veeam Backup & Replication allows users with the lowest-privileged Backup Viewer role to execute arbitrary code as...
Actively exploited zero-day in Windows RDS allows authenticated attackers with low privileges to escalate to SYSTEM. Public exploit code available....
Cisco discloses a high-severity privilege escalation vulnerability in IOS XE Web UI that allows authenticated users to gain root access. Active...
Maximum severity flaw in Modular DS WordPress plugin allows unauthenticated privilege escalation. All versions through 2.5.1 affected with active...