CVE-2026-45585 Windows BitLocker Security Feature Bypass Vulnerability

...

CVE-2026-45585

CVE-2026-45585 concerns a Windows security feature bypass publicly referred to as “YellowKey.” The CVE entry notes a mitigation path provided by Microsoft to protect against the vulnerability until an update is released. The CVSSv3.1 metrics indicate a MEDIUM base score (6.8) with physical attack...

Windows BitLocker Security Feature Bypass Vulnerability

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be...

Zero-Day Exploit Against Windows BitLocker

It's nasty, but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft...

PT-2026-41382

Уязвимость компонента BitLocker операционных систем Windows связана с нарушением механизма защиты данных. Эксплуатация уязвимости может позволить нарушителю получить несанкционированный доступ к защищаемой информации...

CVE-2026-27913

Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally...

EUVD-2026-22455

Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally...

CVE-2026-27913

Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally...

CVE-2026-27913 Windows BitLocker Security Feature Bypass Vulnerability

...

Windows BitLocker Security Feature Bypass Vulnerability

Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally...

PT-2026-32775

Name of the Vulnerable Software and Affected Versions Windows BitLocker affected versions not specified Description Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature, specifically Secure Boot, locally. This issue poses a risk to data...

PT-2026-21741

Name of the Vulnerable Software and Affected Versions CPSD CryptoPro Secure Disk affected versions not specified Description The CPSD CryptoPro Secure Disk application utilizes a small Linux operating system for user authentication prior to BitLocker decryption of the Windows partition. The Linux...

CVE-2025-55333

Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-55338

Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-55337

Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

EUVD-2025-34419

Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

EUVD-2025-34339

Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

EUVD-2025-34341

Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-55682

Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-55338

Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...