May 26, 2026—KB5089570 (OS Build 28000.2179) Preview

May 26, 2026—KB5089570 OS Build 28000.2179 Preview ​​​​This cumulative update for Windows 11, version 26H1 KB5083806, includes production-quality improvements. Visit the Windows release health dashboard for the latest status on this release. Highlights This update is available through two release...

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked as CVE-2026-45585 , carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass. "Microsoft is...

May 12, 2026—KB5089549 (OS Builds 26200.8457 and 26100.8457)

May 12, 2026—KB5089549 OS Builds 26200.8457 and 26100.8457 This cumulative update for Windows 11, version 25H2 and 24H2 KB5089549 includes the latest security fixes and improvements, along with non-security updates from last month's optional preview release.Visit the Windows release health...

May 12, 2026-KB5087054 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 24H2

May 12, 2026-KB5087054 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 24H2 Release Date: May 12, 2026 Version: .NET Framework 3.5 and 4.8.1 The May 12, 2026 update for Windows 11, version 24H2 includes security and cumulative reliability improvements in .NET Framework...

May 12, 2026-KB5087051 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 25H2 and Microsoft server operating system 24H2

May 12, 2026-KB5087051 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 25H2 and Microsoft server operating system 24H2 Release Date: May 12, 2026 Version: .NET Framework 3.5 and 4.8.1 The May 12, 2026 update for Windows 11, version 25H2 and Microsoft server operating...

Microsoft Win32k 安全漏洞

Microsoft Win32k is a system file used by Microsoft for multi-user management in Windows operating systems. There are security vulnerabilities in Microsoft Win32k. Attackers can exploit these vulnerabilities to execute code remotely. The following products and versions are affected: Windows 11...

KB5087420: Windows 11 version 23H2 Security Update (May 2026)

The remote Windows host is missing security update 5087420. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Use after free in Windows Hyper-V allows an...

📄 Microsoft Windows 11 24H2 Local Privilege Escalation

Microsoft Windows 11 24H2 suffers from a local privilege escalation vulnerability. Exploit Title: Windows 11 24H2 - Local Privilege Escalation Google Dork: inurl:http.sys "Windows 11 24H2" vulnerability | intitle:"HTTP.sys" "CVE-2026-21250" "Elevation of Privilege" Date: 2026-02-27 Exploit Author...

Microsoft Windows Active Directory 授权问题漏洞

Microsoft Windows Active Directory is a centralized directory management service provided by Microsoft for managing large-scale network environments. It stores information about objects on the network, enabling administrators and users to easily find and use this information. There are...

Microsoft Function Discovery Service 竞争条件问题漏洞

The Microsoft Function Discovery Service is a background service provided by Microsoft Corporation. There are vulnerabilities related to competition conditions in the Microsoft Function Discovery Service fdwsd.dll. Attackers can exploit these vulnerabilities to gain elevated privileges. The...

Microsoft Windows Push Notifications 资源管理错误漏洞

Microsoft Windows Push Notifications is a push notification service provided by Microsoft Corporation. It provides a reliable way to deliver new updates. There is a resource management vulnerability in Microsoft Windows Push Notifications. Attackers can exploit this vulnerability to gain elevated...

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows Server Update Service has a resource management vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are...

Microsoft HTTP.sys 缓冲区错误漏洞

Microsoft HTTP.SYS is an HTTP application protocol developed by Microsoft Corporation. There is a buffer error vulnerability in Microsoft HTTP.SYS. Attackers can exploit this vulnerability to cause a denial-of-service attack on the system. The following products and versions are affected: Windows...

Microsoft Snipping Tool 信息泄露漏洞

Microsoft Snipping Tool is a screenshot tool developed by Microsoft Corporation. The Microsoft Snipping Tool has an information leakage vulnerability. Attackers can exploit this vulnerability to obtain sensitive information. The following products and versions are affected: Windows 10 Version 21H...

Microsoft Windows Hello 输入验证错误漏洞

Microsoft Windows Hello is a biometric login method provided by Microsoft Corporation in the United States. It allows users to log in using their face, fingerprint, or PIN. There is an input validation vulnerability in Microsoft Windows Hello. Attackers can exploit this vulnerability to bypass...

Exploit for Classic Buffer Overflow in Freefloat Freefloat_Ftp_Server

Estudio técnico de la vulnerabilidad CVE-2025-5548 Introdu...

EUVD-2026-20111

An exposed IOCTL with an insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers. The affected utility, MxGeneralIo, exposes IOCTL methods that permit direct read and write access to MSR and system memory. A local attacker wit...

Exploit for Classic Buffer Overflow in Freefloat Freefloat_Ftp_Server

🛡️ Memory Corruption Research & Exploitation Lab CVE-2025-554...

📄 Microsoft Windows 11 SMB Local Privilege Escalation

Proof of concept for CVE‑2025‑33073, a Microsoft Windows SMB privilege escalation vulnerability that abuses local NTLM reflection behavior within the SMB stack...

Microsoft Windows 11 24H2 NTLM Relay Orchestrator Privilege Escalation

This Metasploit module checks the SMB Signing status on remote targets. If signing is not required, the target is vulnerable to NTLM Relay attacks. It serves as an automated pre-flight check for relay operations...