{
  "generated": "2026-05-27T19:32:38+00:00",
  "source": "https://threat-intelligence.redeyesecurity.com",
  "cves": [
    {
      "cve_id": "CVE-2026-33825",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/nightmare-eclipse-fortigate-intrusion-2026.html",
      "post_title": "Nightmare-Eclipse Toolkit Deployed 8 Days After Public Release \u2014 FortiGate Intrusion Analysis",
      "post_published": "2026-05-11",
      "description": "A threat actor gained access via compromised FortiGate SSL VPN credentials and deployed three publicly available Nightmare-Eclipse privilege escalation tools just eight days after release. A previously undocumented Go-based tunneling agent called BeigeBurrow was used for C2 persistence.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-33825"
      ]
    },
    {
      "cve_id": "CVE-2026-7482",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/ollama-memory-leak-code-execution-vulnerabilities-2026.html",
      "post_title": "Critical Ollama Vulnerabilities Expose 300,000+ Servers to Memory Leaks and Persistent Code Execution",
      "post_published": "2026-05-10",
      "description": "A critical out-of-bounds read vulnerability (CVE-2026-7482, CVSS 9.1) in Ollama enables unauthenticated attackers to exfiltrate entire process memory from over 300,000 servers. Two additional unpatched Windows vulnerabilities allow persistent code execution through the update mechanism.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-7482"
      ]
    },
    {
      "cve_id": "CVE-2026-44009",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-44009"
      ]
    },
    {
      "cve_id": "CVE-2026-44008",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-44008"
      ]
    },
    {
      "cve_id": "CVE-2026-44007",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-44007"
      ]
    },
    {
      "cve_id": "CVE-2026-44006",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-44006"
      ]
    },
    {
      "cve_id": "CVE-2026-44005",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-44005"
      ]
    },
    {
      "cve_id": "CVE-2026-43999",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-43999"
      ]
    },
    {
      "cve_id": "CVE-2026-43997",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-43997"
      ]
    },
    {
      "cve_id": "CVE-2026-42249",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/ollama-memory-leak-code-execution-vulnerabilities-2026.html",
      "post_title": "Critical Ollama Vulnerabilities Expose 300,000+ Servers to Memory Leaks and Persistent Code Execution",
      "post_published": "2026-05-10",
      "description": "A critical out-of-bounds read vulnerability (CVE-2026-7482, CVSS 9.1) in Ollama enables unauthenticated attackers to exfiltrate entire process memory from over 300,000 servers. Two additional unpatched Windows vulnerabilities allow persistent code execution through the update mechanism.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-42249"
      ]
    },
    {
      "cve_id": "CVE-2026-42248",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/ollama-memory-leak-code-execution-vulnerabilities-2026.html",
      "post_title": "Critical Ollama Vulnerabilities Expose 300,000+ Servers to Memory Leaks and Persistent Code Execution",
      "post_published": "2026-05-10",
      "description": "A critical out-of-bounds read vulnerability (CVE-2026-7482, CVSS 9.1) in Ollama enables unauthenticated attackers to exfiltrate entire process memory from over 300,000 servers. Two additional unpatched Windows vulnerabilities allow persistent code execution through the update mechanism.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-42248"
      ]
    },
    {
      "cve_id": "CVE-2026-26956",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-26956"
      ]
    },
    {
      "cve_id": "CVE-2026-26332",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-26332"
      ]
    },
    {
      "cve_id": "CVE-2026-24781",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-24781"
      ]
    },
    {
      "cve_id": "CVE-2026-24120",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-24120"
      ]
    },
    {
      "cve_id": "CVE-2026-24118",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-24118"
      ]
    },
    {
      "cve_id": "CVE-2026-22709",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-22709"
      ]
    },
    {
      "cve_id": "CVE-2023-37466",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/vm2-nodejs-sandbox-escape-vulnerabilities-2026.html",
      "post_title": "Twelve Critical Vulnerabilities in vm2 Node.js Library Enable Complete Sandbox Escape",
      "post_published": "2026-05-10",
      "description": "Twelve critical vulnerabilities in the widely-used vm2 Node.js sandbox library allow attackers to escape isolation and execute arbitrary code on host systems. Three vulnerabilities scored perfect 10.0 CVSS ratings, affecting all versions through 3.11.1.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2023-37466"
      ]
    },
    {
      "cve_id": "CVE-2026-1357",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/pcpjack-worm-exploits-5-cves-credential-theft-2026.html",
      "post_title": "PCPJack Worm Exploits 5 CVEs to Steal Credentials and Hijack TeamPCP Infrastructure",
      "post_published": "2026-05-07",
      "description": "New credential theft framework PCPJack exploits five CVEs to spread worm-like across cloud environments while deliberately removing TeamPCP artifacts. The campaign targets Docker, Kubernetes, and multiple cloud services to harvest credentials from cloud, container, and financial platforms.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-1357"
      ]
    },
    {
      "cve_id": "CVE-2025-9501",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/pcpjack-worm-exploits-5-cves-credential-theft-2026.html",
      "post_title": "PCPJack Worm Exploits 5 CVEs to Steal Credentials and Hijack TeamPCP Infrastructure",
      "post_published": "2026-05-07",
      "description": "New credential theft framework PCPJack exploits five CVEs to spread worm-like across cloud environments while deliberately removing TeamPCP artifacts. The campaign targets Docker, Kubernetes, and multiple cloud services to harvest credentials from cloud, container, and financial platforms.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2025-9501"
      ]
    },
    {
      "cve_id": "CVE-2025-55182",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/pcpjack-worm-exploits-5-cves-credential-theft-2026.html",
      "post_title": "PCPJack Worm Exploits 5 CVEs to Steal Credentials and Hijack TeamPCP Infrastructure",
      "post_published": "2026-05-07",
      "description": "New credential theft framework PCPJack exploits five CVEs to spread worm-like across cloud environments while deliberately removing TeamPCP artifacts. The campaign targets Docker, Kubernetes, and multiple cloud services to harvest credentials from cloud, container, and financial platforms.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2025-55182"
      ]
    },
    {
      "cve_id": "CVE-2025-48703",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/pcpjack-worm-exploits-5-cves-credential-theft-2026.html",
      "post_title": "PCPJack Worm Exploits 5 CVEs to Steal Credentials and Hijack TeamPCP Infrastructure",
      "post_published": "2026-05-07",
      "description": "New credential theft framework PCPJack exploits five CVEs to spread worm-like across cloud environments while deliberately removing TeamPCP artifacts. The campaign targets Docker, Kubernetes, and multiple cloud services to harvest credentials from cloud, container, and financial platforms.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2025-48703"
      ]
    },
    {
      "cve_id": "CVE-2025-29927",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/pcpjack-worm-exploits-5-cves-credential-theft-2026.html",
      "post_title": "PCPJack Worm Exploits 5 CVEs to Steal Credentials and Hijack TeamPCP Infrastructure",
      "post_published": "2026-05-07",
      "description": "New credential theft framework PCPJack exploits five CVEs to spread worm-like across cloud environments while deliberately removing TeamPCP artifacts. The campaign targets Docker, Kubernetes, and multiple cloud services to harvest credentials from cloud, container, and financial platforms.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2025-29927"
      ]
    },
    {
      "cve_id": "CVE-2026-5281",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/chrome-zero-day-webgpu-cve-2026-5281.html",
      "post_title": "Chrome Zero-Day CVE-2026-5281: Active Exploitation of a WebGPU Use-After-Free",
      "post_published": "2026-05-05",
      "description": "A use-after-free in Chrome's WebGPU (CVE-2026-5281), a zero-day under active exploitation.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-5281"
      ]
    },
    {
      "cve_id": "CVE-2026-41940",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/cpanel-zero-day-cve-2026-41940.html",
      "post_title": "cPanel Was Being Exploited for Two Months Before a Patch Existed (CVE-2026-41940)",
      "post_published": "2026-05-05",
      "description": "An auth bypass in cPanel/WHM was exploited as a zero-day from February 23 to April 28, compromising 44,000+ servers before a patch existed. 1.5 million servers remain at risk.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-41940"
      ]
    },
    {
      "cve_id": "CVE-2026-33827",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/microsoft-april-patch-tuesday-wormable-2026.html",
      "post_title": "April Patch Tuesday: 163 Vulnerabilities, a Wormable TCP/IP RCE, and Two Already-Exploited Flaws",
      "post_published": "2026-05-05",
      "description": "Microsoft's April Patch Tuesday covers 163 vulnerabilities, including a wormable TCP/IP RCE and two already-exploited flaws.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-33827"
      ]
    },
    {
      "cve_id": "CVE-2026-33824",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/microsoft-april-patch-tuesday-wormable-2026.html",
      "post_title": "April Patch Tuesday: 163 Vulnerabilities, a Wormable TCP/IP RCE, and Two Already-Exploited Flaws",
      "post_published": "2026-05-05",
      "description": "Microsoft's April Patch Tuesday covers 163 vulnerabilities, including a wormable TCP/IP RCE and two already-exploited flaws.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-33824"
      ]
    },
    {
      "cve_id": "CVE-2026-32202",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/microsoft-april-patch-tuesday-wormable-2026.html",
      "post_title": "April Patch Tuesday: 163 Vulnerabilities, a Wormable TCP/IP RCE, and Two Already-Exploited Flaws",
      "post_published": "2026-05-05",
      "description": "Microsoft's April Patch Tuesday covers 163 vulnerabilities, including a wormable TCP/IP RCE and two already-exploited flaws.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-32202"
      ]
    },
    {
      "cve_id": "CVE-2026-31431",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/copy-fail-linux-root-cve-2026.html",
      "post_title": "Copy Fail: The 732-Byte Python Script That Roots Every Major Linux Distro",
      "post_published": "2026-05-05",
      "description": "A 9-year-old Linux kernel bug in the AEAD crypto interface lets any local user overwrite any file",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-31431"
      ]
    },
    {
      "cve_id": "CVE-2026-0625",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/dlink-router-zero-day-cve-2026-0625.html",
      "post_title": "This D-Link Router Zero-Day Has Been Exploited Since November. There Is No Patch.",
      "post_published": "2026-05-05",
      "description": "A command injection vulnerability in four end-of-life D-Link router models has been exploited by a Mirai variant since November 2025. D-Link confirmed no patch is coming. The only fix is hardware replacement.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-0625"
      ]
    },
    {
      "cve_id": "CVE-2023-50224",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/apt28-router-dns-hijacking-2026.html",
      "post_title": "Russia's APT28 Is Hijacking Your Router to Steal Microsoft 365 Credentials",
      "post_published": "2026-05-05",
      "description": "GRU-affiliated APT28 exploited unpatched TP-Link routers to perform DNS hijacking against NATO members and Ukraine, capturing M365 credentials via adversary-in-the-middle infrastructure.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2023-50224"
      ]
    },
    {
      "cve_id": "CVE-2026-5194",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/claude-mythos-ai-discovers-10000-vulnerabilities-2026.html",
      "post_title": "Anthropic's Claude Mythos AI Discovers 10,000 Critical Vulnerabilities in One Month",
      "post_published": "",
      "description": "Anthropic's Claude Mythos AI discovers 10,000 critical vulnerabilities in one month.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-5194"
      ]
    },
    {
      "cve_id": "CVE-2026-45321",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/mini-shai-hulud-worm-slsa-attested-supply-chain-attack-2026.html",
      "post_title": "Mini Shai-Hulud Worm Deploys SLSA-Attested Malware Across Major Package Ecosystems",
      "post_published": "",
      "description": "TeamPCP threat actors compromised 42 TanStack packages and infiltrated npm/PyPI repositories from Mistral AI, UiPath, OpenSearch, and Guardrails AI using GitHub Actions OIDC token hijacking. The worm produces validly attested malicious packages and includes a destructive wiper component targeting developers who revoke compromised tokens.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-45321"
      ]
    },
    {
      "cve_id": "CVE-2026-44338",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/praisonai-auth-bypass-exploited-4-hours-2026.html",
      "post_title": "PraisonAI Authentication Bypass Exploited Within 4 Hours of Disclosure",
      "post_published": "",
      "description": "CVE-2026-44338, a critical authentication bypass in PraisonAI, was exploited within 4 hours of disclosure.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-44338"
      ]
    },
    {
      "cve_id": "CVE-2026-42945",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/nginx-cve-2026-42945-active-exploitation-2026.html",
      "post_title": "NGINX CVE-2026-42945 Under Active Exploitation: 18-Year-Old Flaw Triggers Worker Crashes and RCE",
      "post_published": "",
      "description": "Critical heap buffer overflow in NGINX versions 0.6.27 through 1.30.0 is being actively exploited in the wild. The vulnerability, introduced in 2008, allows unauthenticated attackers to crash worker processes or achieve remote code execution on systems without ASLR protection.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-42945"
      ]
    },
    {
      "cve_id": "CVE-2026-28517",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/nginx-cve-2026-42945-active-exploitation-2026.html",
      "post_title": "NGINX CVE-2026-42945 Under Active Exploitation: 18-Year-Old Flaw Triggers Worker Crashes and RCE",
      "post_published": "",
      "description": "Critical heap buffer overflow in NGINX versions 0.6.27 through 1.30.0 is being actively exploited in the wild. The vulnerability, introduced in 2008, allows unauthenticated attackers to crash worker processes or achieve remote code execution on systems without ASLR protection.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-28517"
      ]
    },
    {
      "cve_id": "CVE-2026-28516",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/nginx-cve-2026-42945-active-exploitation-2026.html",
      "post_title": "NGINX CVE-2026-42945 Under Active Exploitation: 18-Year-Old Flaw Triggers Worker Crashes and RCE",
      "post_published": "",
      "description": "Critical heap buffer overflow in NGINX versions 0.6.27 through 1.30.0 is being actively exploited in the wild. The vulnerability, introduced in 2008, allows unauthenticated attackers to crash worker processes or achieve remote code execution on systems without ASLR protection.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-28516"
      ]
    },
    {
      "cve_id": "CVE-2026-28515",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/nginx-cve-2026-42945-active-exploitation-2026.html",
      "post_title": "NGINX CVE-2026-42945 Under Active Exploitation: 18-Year-Old Flaw Triggers Worker Crashes and RCE",
      "post_published": "",
      "description": "Critical heap buffer overflow in NGINX versions 0.6.27 through 1.30.0 is being actively exploited in the wild. The vulnerability, introduced in 2008, allows unauthenticated attackers to crash worker processes or achieve remote code execution on systems without ASLR protection.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2026-28515"
      ]
    },
    {
      "cve_id": "CVE-2025-48804",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/yellowkey-greenplasma-zero-days-bitlocker-ctfmon-2026.html",
      "post_title": "YellowKey and GreenPlasma Zero-Days Target BitLocker Encryption and Windows Privilege Escalation",
      "post_published": "",
      "description": "Anonymous researcher Chaotic Eclipse disclosed two critical Windows zero-days: YellowKey enables BitLocker bypass through Windows Recovery Environment in minutes, while GreenPlasma allows SYSTEM-level privilege escalation via CTFMON. Both vulnerabilities remain unpatched as tensions escalate with Microsoft.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2025-48804"
      ]
    },
    {
      "cve_id": "CVE-2021-34527",
      "post_url": "https://threat-intelligence.redeyesecurity.com/blog/windows-miniplasma-zero-day-system-access-2026.html",
      "post_title": "Windows MiniPlasma Zero-Day Grants SYSTEM Access, PoC Published",
      "post_published": "",
      "description": "A newly disclosed Windows zero-day vulnerability dubbed MiniPlasma allows unprivileged users to escalate to SYSTEM-level access through a flaw in the Print Spooler service. Proof-of-concept code is now publicly available with no patch currently deployed.",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2021-34527"
      ]
    }
  ]
}
