Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
80 articles

#Privilege Escalation

All CosmicBytez Labs articles tagged #Privilege Escalation, across news, security advisories, how-to guides, and projects.

  • NewsJul 17, 2026

    New Windows LegacyHive Zero-Day Gives Hackers Admin Privileges

    A security researcher has released a public Windows zero-day exploit called LegacyHive that allows local privilege escalation to SYSTEM on fully up-to-date Windows machines. No patch is available.

  • SecurityJul 17, 2026

    CVE-2026-15103: WPFunnels Plugin Privilege Escalation via Unauthenticated REST Endpoint

    A high-severity privilege escalation flaw in WPFunnels for WordPress allows attackers to update arbitrary site options via an unvalidated REST callback, affecting all versions up to 3.12.8.

  • SecurityJul 17, 2026

    CVE-2026-15982: WordPress Aimogen Pro Plugin Privilege Escalation (CVSS 9.8)

    Critical privilege escalation in the Aimogen Pro WordPress plugin (all versions up to 2.8.4) — missing capability check on AI function allows any authenticated user to gain administrator-level access.

  • NewsJul 15, 2026

    Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday

    Security researcher Chaotic Eclipse released LegacyHive, a proof-of-concept exploit for a Windows User Profile Service privilege escalation vulnerability, just hours after Microsoft's July 2026 Patch Tuesday release.

  • SecurityJul 14, 2026

    CVE-2026-56155: Microsoft AD FS Access Control Flaw Enables Golden SAML Attacks

    Microsoft's July 2026 Patch Tuesday fixes CVE-2026-56155, an actively exploited privilege escalation flaw in Active Directory Federation Services. Attackers exploit overly permissive ACLs on the DKM container to forge SAML tokens and compromise hybrid identity infrastructure. CISA added it to KEV with a July 28 federal deadline.

  • NewsJul 12, 2026

    RedHook Android Malware Now Uses Wireless ADB for Shell Access

    A new RedHook variant abuses Android's Wireless Debugging feature to gain shell-level privileges without a USB connection — a novel technique that bypasses traditional physical access requirements.

  • SecurityJul 7, 2026

    Coolify CVE-2026-34037: CVSS 9.9 IDOR Enables Cross-Team Resource Takeover

    A critical IDOR vulnerability in Coolify's cloneTo() Livewire action allows authenticated users to clone and take over resources across team boundaries...

  • SecurityJul 7, 2026

    Coolify CVE-2026-34048: Low-Privilege Terminal Escalation via WebSocket (CVSS 9.9)

    A critical privilege escalation flaw in Coolify's terminal WebSocket routes lets any low-privileged team member connect to privileged server terminals by...

  • SecurityJul 5, 2026

    Privilege Escalation via Role Manipulation in Online Exam LMS (CVE-2026-14719)

    A high-severity improper privilege management flaw in SourceCodester's Online Examination and Learning Management System 1.0 allows remote attackers to...

  • NewsJul 4, 2026

    New 'Bad Epoll' Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

    A use-after-free bug in the Linux kernel's epoll subsystem — CVE-2026-46242 — lets any local user escalate to root on Linux 6.4+ with ~99% reliability. A...

  • SecurityJul 3, 2026

    CVE-2026-41106: M365 Copilot Open Redirect Allows Unauthenticated Privilege Escalation

    A critical open redirect vulnerability in Microsoft 365 Copilot rated CVSS 9.3 enables unauthenticated attackers to perform privilege escalation over the...

  • SecurityJul 3, 2026

    CVE-2026-45499: Azure OpenAI SSRF Enables Privilege Escalation — CVSS 9.9

    A critical server-side request forgery vulnerability in Azure OpenAI rated CVSS 9.9 allows an authorized attacker to escalate privileges over the network,...

  • SecurityJul 3, 2026

    UniFi Talk SQL Injection Chain Enables Host Privilege Escalation CVE-2026-50747

    Multiple authenticated SQL injection vulnerabilities in Ubiquiti's UniFi Talk Application can be chained to escalate privileges to host-level access on...

  • SecurityJul 3, 2026

    UniFi Access Improper Access Control Allows Host Privilege Escalation CVE-2026-54400

    A critical improper access control vulnerability in Ubiquiti's UniFi Access Application enables high-privileged network attackers to further escalate...

  • SecurityJun 30, 2026

    CVE-2026-12073: ProfileGrid WordPress Plugin Critical Privilege Escalation

    A critical CVSS 9.8 vulnerability in the ProfileGrid WordPress plugin allows unauthenticated attackers to take over any user account and escalate...

  • SecurityJun 27, 2026

    CVE-2026-12415: WordPress Invoice Generator Privilege Escalation (CVSS 9.8)

    A critical unauthenticated privilege escalation flaw in the WordPress Invoice Generator plugin allows any attacker to take over administrator accounts via...

  • SecurityJun 26, 2026

    CVE-2026-46735: Dell DDPM Mac OS Command Injection Allows Local Privilege Escalation

    A high-severity OS command injection flaw in Dell Display and Peripheral Manager for macOS (versions prior to 2.3) allows low-privileged local attackers...

  • SecurityJun 24, 2026

    CVE-2026-11807: Critical Authorization Bypass in Event-Driven Ansible WebSocket API

    A missing authorization flaw (CVSS 9.6) in Red Hat's Event-Driven Ansible allows any authenticated user to forge WebSocket messages and access plaintext...

  • NewsJun 15, 2026

    LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

    Researchers at Obsidian Security disclosed a chain of three vulnerabilities in the widely deployed LiteLLM open-source AI gateway that allows a default...

  • SecurityJun 12, 2026

    CVE-2026-47369: UniFi OS Privilege Escalation via Improper Input Validation

    A critical CVSS 9.9 privilege escalation vulnerability in Ubiquiti UniFi OS allows a low-privileged network attacker to escalate privileges within UniFi...

  • SecurityJun 11, 2026

    CVE-2025-6254: WordPress Doctreat Core Plugin Privilege Escalation (CVSS 9.8)

    A critical unauthenticated privilege escalation vulnerability in the Doctreat Core WordPress plugin allows attackers to register with elevated roles,...

  • NewsJun 10, 2026

    Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

    Anonymous researcher Chaotic Eclipse released a PoC exploit for a new Microsoft Defender zero-day named RoguePlanet. The race condition flaw grants SYSTEM...

  • NewsJun 10, 2026

    Microsoft Patches YellowKey, GreenPlasma, and MiniPlasma Zero-Days

    Microsoft's June 2026 Patch Tuesday fixes three actively exploited Windows zero-days: two SYSTEM privilege escalation flaws and a BitLocker bypass...

  • SecurityJun 10, 2026

    CVE-2025-10263: ARM CPU Privilege Escalation Across Multiple Processor Families

    Critical CVSS 9.1 flaw in ARM Cortex-X and Neoverse processors may allow writes to resources owned by a higher exception level.

  • SecurityJun 6, 2026

    CVE-2026-21029: Samsung Galaxy Editing Service Privilege Escalation

    A high-severity vulnerability in Samsung's Galaxy Editing Service allows local attackers to execute privileged operations due to improper export of Android…

  • SecurityJun 6, 2026

    CVE-2026-9851: WordPress Booking Package Plugin Privilege Escalation via Account Takeover

    A high-severity privilege escalation vulnerability in the Booking Package WordPress plugin allows unauthenticated or low-privileged attackers to take over…

  • NewsJun 5, 2026

    Cisco Warns of Unpatched SD-WAN Zero-Day Exploited in Attacks

    Cisco has issued an emergency warning about an actively exploited, unpatched zero-day in Cisco Catalyst SD-WAN Manager (CVE-2026-20245) that enables root…

  • SecurityJun 5, 2026

    CVE-2026-50211: Leftover Engineering Diagnostics Grant Malicious Apps NVRAM Write Access

    A critical CVSS 9.8 vulnerability exposes factory-level diagnostic interfaces left in retail firmware builds, allowing malicious applications to gain write…

  • NewsJun 3, 2026

    Critical Kirki Flaw Exploited to Hijack WordPress Admin Accounts

    Hackers are actively exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the widely-used Kirki Customizer Framework plugin for…

  • SecurityJun 3, 2026

    CVE-2022-0492: Linux Kernel Improper Authentication Vulnerability

    A Linux kernel vulnerability in the cgroups v1 release_agent feature allows local attackers to escalate privileges and escape containers. Added to CISA KEV…

  • SecurityJun 2, 2026

    CVE-2026-27788: Fujitsu ServerView Agents Privilege Escalation to SYSTEM

    An incorrect permission assignment vulnerability in Fujitsu ServerView Agents for Windows V11.60.04 and earlier allows a local authenticated attacker to…

  • SecurityJun 2, 2026

    CVE-2026-8206: Kirki WordPress Plugin Critical Privilege Escalation via Account Takeover

    The Kirki Freeform Page Builder plugin for WordPress (versions 6.0.0–6.0.6) allows unauthenticated attackers to take over any user account during password…

  • SecurityMay 29, 2026

    CVE-2026-8732: WP Maps Pro Privilege Escalation via Admin Account Creation

    A critical unauthenticated privilege escalation flaw in WP Maps Pro for WordPress (CVSS 9.8) allows attackers to create administrator accounts without...

  • NewsMay 27, 2026

    CISA Urges Immediate Patching of Exploited LiteSpeed cPanel

    CISA has added a LiteSpeed cPanel plugin zero-day to its Known Exploited Vulnerabilities catalog after active exploitation allowed attackers to execute scripts.

  • SecurityMay 27, 2026

    CVE-2026-7374: KubeVirt virt-handler Symlink RCE (CVSS 9.9)

    A critical symlink validation flaw in KubeVirt's virt-handler lets authenticated OpenShift users with edit access in a single namespace escalate to arbitrary.

  • NewsMay 23, 2026

    LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run

    A maximum-severity vulnerability in the LiteSpeed User-End cPanel Plugin, tracked as CVE-2026-48172 with a CVSS score of 10.0, is under active...

  • NewsMay 22, 2026

    Microsoft Warns of Two Actively Exploited Defender

    Microsoft has disclosed two Windows Defender vulnerabilities under active exploitation in the wild, including CVE-2026-41091 — a privilege escalation flaw...

  • SecurityMay 21, 2026

    CVE-2026-20223: Cisco Secure Workload REST API Auth Bypass

    A CVSS 10.0 authentication bypass in Cisco Secure Workload allows unauthenticated remote attackers to access internal REST APIs with full Site Admin privileges.

  • NewsMay 18, 2026

    MiniPlasma Windows 0-Day Enables SYSTEM Privilege

    A new Windows kernel privilege escalation zero-day dubbed MiniPlasma, released by researcher Chaotic Eclipse, grants SYSTEM-level access on fully patched...

  • NewsMay 17, 2026

    New Windows ''MiniPlasma'' Zero-Day Exploit Gives SYSTEM

    A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed MiniPlasma that lets attackers gain...

  • SecurityMay 17, 2026

    CVE-2026-8719: WordPress AI Engine Plugin Privilege

    A missing WordPress capability check in the AI Engine plugin's MCP OAuth bearer-token path allows any authenticated user to escalate privileges to...

  • NewsMay 14, 2026

    Researcher Drops YellowKey, GreenPlasma Windows Zero-Days

    A security researcher has publicly released two unpatched Windows zero-day exploits: YellowKey, a BitLocker bypass requiring physical access, and...

  • NewsMay 14, 2026

    Windows Zero-Days Expose BitLocker Bypasses and CTFMON

    An anonymous researcher has publicly disclosed two new unpatched Windows zero-days — YellowKey enabling BitLocker bypass and GreenPlasma targeting CTFMON...

  • NewsMay 13, 2026

    Windows BitLocker Zero-Day Gives Access to Protected

    A cybersecurity researcher has published proof-of-concept exploits for two unpatched Windows vulnerabilities — YellowKey (BitLocker bypass) and...

  • SecurityMay 11, 2026

    CVE-2021-47932: WordPress TheCartPress 1.5.3.6 Privilege

    TheCartPress WordPress plugin 1.5.3.6 allows unauthenticated attackers to register new administrator accounts by exploiting the AJAX handler with a...

  • NewsMay 9, 2026

    New Linux 'Dirty Frag' Zero-Day Gives Root on All Major

    A new unpatched Linux zero-day exploit dubbed 'Dirty Frag' allows local attackers to gain root privileges on virtually all major Linux distributions with...

  • SecurityMay 9, 2026

    CVE-2026-42296: Argo Workflows templateReferencing Strict

    A high-severity security bypass in Argo Workflows (CVSS 8.1) allows users with Workflow creation permissions to escape templateReferencing: Strict mode,...

  • NewsMay 3, 2026

    CISA Adds Actively Exploited Linux Root Access Bug

    The U.S. Cybersecurity and Infrastructure Security Agency has added CVE-2026-31431, a Linux kernel privilege escalation flaw enabling root access, to its...

  • SecurityMay 1, 2026

    CVE-2026-31431: Linux Kernel Privilege Escalation via Incorrect Resource Transfer

    A Linux Kernel vulnerability involving incorrect resource transfer between spheres has been added to CISA's Known Exploited Vulnerabilities catalog,...

  • SecurityMay 1, 2026

    CVE-2026-35547: FreeBSD libnv Heap Buffer Overflow Allows

    A critical heap buffer overflow in FreeBSD's libnv library allows an unprivileged program to write outside heap allocation bounds during message header...

  • SecurityApr 29, 2026

    CVE-2026-35155: Dell iDRAC10 Race Condition Enables

    Dell iDRAC10 versions 1.20.70.50 and 1.30.05.10 contain a race condition vulnerability allowing authenticated low-privileged attackers to gain elevated...

  • NewsApr 26, 2026

    New 'Pack2TheRoot' Flaw Gives Hackers Root Linux Access

    A newly disclosed vulnerability in the PackageKit daemon, dubbed Pack2TheRoot, allows local Linux users to escalate privileges to root by abusing the...

  • SecurityApr 25, 2026

    CVE-2026-21515: Azure IoT Central Elevation of Privilege

    A critical CVSS 9.9 elevation of privilege vulnerability in Azure IoT Central allows an authenticated attacker to escalate privileges over a network by...

  • SecurityApr 25, 2026

    CVE-2026-41478: Saltcorn SQL Injection Allows Full Database

    A critical SQL injection vulnerability in Saltcorn's mobile-sync routes allows any authenticated low-privilege user with read access to a single table to...

  • SecurityApr 24, 2026

    CVE-2026-24303: Microsoft Partner Center Privilege

    A critical privilege escalation vulnerability in Microsoft Partner Center allows an authorized attacker to elevate their privileges over a network,...

  • SecurityApr 21, 2026

    CVE-2026-29646: OpenXiangShan NEMU RISC-V Hypervisor

    A critical privilege escalation flaw in OpenXiangShan NEMU's RISC-V hypervisor extension allows a VS-mode guest write to the supervisor interrupt-enable...

  • SecurityApr 18, 2026

    CVE-2025-36568: Dell PowerProtect Data Domain BoostFS

    A high-severity insufficiently protected credentials vulnerability in Dell PowerProtect Data Domain BoostFS allows low-privileged local attackers to...

  • SecurityApr 18, 2026

    CVE-2026-40285: WeGIA SQL Injection via PHP extract()

    A high-severity SQL injection vulnerability in WeGIA, a web manager for charitable institutions, allows authenticated attackers to escalate privileges by...

  • NewsApr 17, 2026

    Recently Leaked Windows Zero-Days Now Exploited in Active

    Threat actors are actively exploiting three recently disclosed Windows security vulnerabilities that allow attackers to gain SYSTEM or elevated...

  • NewsApr 17, 2026

    Three Microsoft Defender Zero-Days Actively Exploited; Two

    Huntress is warning that threat actors are actively exploiting three privilege escalation vulnerabilities in Microsoft Defender — codenamed BlueHammer,...

  • SecurityApr 11, 2026

    CVE-2026-5412: Juju Controller Facade Allows Low-Privilege

    An authorization flaw in Juju's Controller facade allows any authenticated low-privilege user to call the CloudSpec API and extract the cloud provider...

  • SecurityApr 10, 2026

    CVE-2026-34178: Canonical LXD Backup Import Path

    A critical CVSS 9.1 vulnerability in Canonical LXD before 6.8 allows authenticated attackers to bypass project restrictions during backup import. The...

  • SecurityApr 9, 2026

    CVE-2026-39860: Nix Symlink Attack Allows Root File

    A bypass of the CVE-2024-27297 patch in the Nix package manager allows attackers to follow symlinks during fixed-output derivation builds, enabling...

  • SecurityApr 9, 2026

    CVE-2026-4498: Kibana Fleet Plugin Privilege Escalation

    A high-severity privilege escalation flaw in Kibana's Fleet plugin debug route handlers allows authenticated users with limited Fleet sub-feature...

  • SecurityApr 8, 2026

    CVE-2026-4003: WordPress Users Manager PN Plugin Privilege

    A critical privilege escalation vulnerability in the Users Manager – PN WordPress plugin (v1.1.15 and below) allows unauthenticated attackers to update...

  • SecurityApr 7, 2026

    CVE-2026-1114: lollms JWT Weak Secret Key Allows Admin

    A critical vulnerability (CVSS 9.8) in parisneo/lollms v2.1.0 allows attackers to brute-force the application's JWT secret key offline, forge...

  • NewsApr 6, 2026

    Disgruntled Researcher Leaks BlueHammer Windows Zero-Day

    A security researcher operating under the aliases 'Chaotic Eclipse' and 'Nightmare-Eclipse' has publicly released exploit code for an unpatched Windows...

  • NewsApr 6, 2026

    GPUBreach: New Rowhammer Attack on GPU GDDR6 Memory Enables

    Researchers from the University of Toronto have demonstrated GPUBreach, a novel attack that induces Rowhammer bit-flips in GPU GDDR6 memory to bypass...

  • SecurityApr 3, 2026

    CVE-2026-26135: Azure Custom Locations SSRF Enables

    A critical server-side request forgery vulnerability in Azure Custom Locations Resource Provider allows an authorized attacker to elevate privileges over...

  • NewsApr 2, 2026

    Cisco Patches Critical and High-Severity Vulnerabilities

    Cisco has released security advisories addressing a batch of critical and high-severity vulnerabilities across multiple products, covering flaws that...

  • SecurityMar 30, 2026

    CVE-2026-32987: OpenClaw Bootstrap Code Replay Enables

    A critical CVSS 9.8 vulnerability in OpenClaw allows attackers to replay a valid bootstrap setup code multiple times before approval, escalating device...

  • SecurityMar 29, 2026

    CVE-2026-32922: OpenClaw Privilege Escalation via Token

    A critical CVSS 9.9 privilege escalation vulnerability in OpenClaw allows operators with limited pairing scope to mint tokens with unrestricted admin...

  • SecurityMar 22, 2026

    CVE-2026-3629: WordPress User Import Plugin Privilege

    The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to 1.29.7, allowing authenticated...

  • SecurityMar 21, 2026

    CVE-2026-22172: OpenClaw Critical Authorization Bypass via WebSocket Scope Elevation

    A critical CVSS 9.9 authorization bypass in OpenClaw allows authenticated users to self-declare elevated scopes over WebSocket connections without...

  • SecurityMar 18, 2026

    CVE-2026-25770: Wazuh Privilege Escalation to Root via Cluster Protocol File Write

    A critical privilege escalation vulnerability (CVSS 9.1) in Wazuh versions 3.9.0–4.14.2 allows authenticated cluster nodes to overwrite the manager...

  • SecurityMar 16, 2026

    CVE-2016-20024: ZKTeco ZKTime.Net Insecure File Permissions

    ZKTeco ZKTime.Net 3.0.1.6 ships with world-writable directory permissions on its installation folder, allowing any local unprivileged user to replace...

  • SecurityMar 13, 2026

    Critical RCE in Veeam Backup & Replication — Backup Viewer

    A critical CVSS 9.9 vulnerability in Veeam Backup & Replication allows users with the lowest-privileged Backup Viewer role to execute arbitrary code as...

  • SecurityFeb 11, 2026

    CVE-2026-21533: Windows Remote Desktop Services Zero-Day

    Actively exploited zero-day in Windows RDS allows authenticated attackers with low privileges to escalate to SYSTEM. Public exploit code available....

  • SecurityFeb 8, 2026

    Cisco IOS XE Web UI Privilege Escalation Actively Exploited

    Cisco discloses a high-severity privilege escalation vulnerability in IOS XE Web UI that allows authenticated users to gain root access. Active...

  • SecurityJan 25, 2026

    WordPress Plugin Vulnerability (CVSS 10.0) Under Active

    Maximum severity flaw in Modular DS WordPress plugin allows unauthenticated privilege escalation. All versions through 2.5.1 affected with active...