EUVD-2026-31006

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be...

CVE-2026-23674

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network...

Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails

Forcepoint X-labs reveals how hackers use fake SSA emails and hijacked ScreenConnect tools to bypass Windows security to target UK, US, and Canadian organisations...

CVE-2025-55332 Windows BitLocker Security Feature Bypass Vulnerability

...

EUVD-2018-11695

Malware in sbrugna...

EUVD-2021-20463

Malware in sbrugna...

EUVD-2024-37764

Malicious code in bioql PyPI...

CVE-2025-54107

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network...

VulnCheck KEV: CVE-2025-24061

Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature locally...

PT-2025-1102 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a security feature bypass vulnerability, specifically concerning the MapUrlToZone method in Windows operating systems. This vulnerability is associated with incorrec...

CVE-2024-37983

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability...

CVE-2024-37982 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

...

CVE-2024-37982 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

...

CVE-2024-37976

CVE-2024-37976 is described as a Windows EFI Partition vulnerability: a security feature bypass (Circumvention of security measure) with CVSS 3.1 base score 6.7 (LOCAL, LOW attack complexity, HIGH privileges required, no user interaction). The connected data specifies affected component as Window...

Windows Mark of the Web Security Feature Bypass Vulnerability

...

CVE-2024-30050

Windows Mark of the Web Security Feature Bypass Vulnerability...

CVE-2024-30040

Windows MSHTML Platform Security Feature Bypass Vulnerability...

CVE-2024-30040

CVE-2024-30040 is a Windows MSHTML Platform Security Feature Bypass vulnerability. The affected component is MSHTML (Windows), with a root cause described as a security feature bypass in the MSHTML engine. Impact per CVSS: CVSS 3.1 base score 8.8 (High) affecting confidentiality, integrity, and a...

CVE-2024-30050

CVE-2024-30050 is a Windows Mark of the Web security feature bypass vulnerability. Public sources label it as a security bypass issue in MOTW, with a CVSS v3.1 base score of 5.4 (Network, Low complexity, User interaction required; I and A impacts: I = Low, A = Low). The condition allows bypass of...

The vulnerability in the implementation of the Secure Boot protocol for operating systems with security features allows a perpetrator to circumvent security restrictions.

The vulnerability of the Secure Boot protocol for operating systems running Windows is related to a breach in the data protection mechanism. Exploiting this vulnerability could allow an attacker to circumvent security restrictions...