PoC Released for PinTheft Linux Flaw Enabling Root Privilege Escalation
A public proof-of-concept (PoC) exploit called “PinTheft” has been released for a newly disclosed Linux kernel flaw that allows local attackers to escalate p...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1068 — Exploitation for Privilege Escalation (Privilege Escalation)
Clear filter73 articles found
PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch
PinTheft is a Linux LPE flaw in the RDS subsystem with public exploit code. Arch Linux users face the highest risk and should patch immediately.
DirtyDecrypt: PoC Released for yet another Linux flaw
DirtyDecrypt (CVE-2026-31635): working PoC out for a Linux kernel LPE flaw. Missing COW guard in rxgk_decrypt_skb lets local attackers reach root.
PoC Exploit Released for DirtyDecrypt Linux Kernel Vulnerability
PoC exploit code for the DirtyDecrypt (DirtyCBC) Linux kernel vulnerability has been released publicly, turning a previously theoretical local privilege esca...
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escal...
Exploit available for new DirtyDecrypt Linux root escalation flaw
A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module now has a proof-of-concept exploit that allows attackers to gai...
Researchers Build First Public Apple M5 macOS Kernel Exploit with Mythos Preview
Security researchers have unveiled the first publicly known macOS kernel memory corruption exploit targeting Apple’s latest M5 silicon, marking a significant...
Broadcom patches high-severity VMware Fusion flaw allowing local privilege escalation
The vulnerability is a time-of-check time-of-use (TOCTOU) flaw affecting operations performed by a SETUID binary.
Fragnesia (CVE-2026-46300): Frequently asked questions about new Linux Kernel XFRM ESP-in-TCP privilege escalation
A new Linux kernel local privilege escalation exploit with a public proof-of-concept targets the same subsystem as Dirty Frag but requires a separate patch. ...
Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)
Researchers have found and disclosed yet another local privilege escalation (LPE) vulnerability in the Linux kernel: CVE-2026-46300, aka “Fragnesia”. The fla...
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain ro...
PoC Exploit Released for Fragnesia Linux Flaw Enabling Root Access
A newly discovered Linux local privilege escalation vulnerability, dubbed “Fragnesia,” is sending shockwaves through the cybersecurity community. This critic...
Copy.Fail Linux Vulnerability
This is the worst Linux vulnerability in years. TL;DR copy.
ZDI-26-310: Microsoft Windows splwow64 Race Condition Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...
ZDI-26-309: Microsoft Windows Message Queueing Double Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows that run Message Queueing. An attacker must f...
Dirty Frag: Using the Page Caches as an Attack Surface
Dirty Frag is a Linux local privilege escalation (LPE) chain published on May 7, 2026. It combines two previously unknown kernel vulnerabilities can allow an...
Active attack: Dirty Frag Linux vulnerability expands post-compromise risk
Dirty Frag is a newly disclosed Linux local privilege escalation vulnerability affecting kernel networking and memory-fragment handling components including ...
Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain
Weeks after the Copy Fail vulnerability was revealed, a new Linux kernel escalation vulnerability has been uncovered. Dubbed “Dirty Frag,” this flaw could al...
Dirty Frag: Unpatched Linux vulnerability delivers root access
A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed “Dirty Frag” has been revealed, along with a PoC exploit. What is Dirty...
Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)
Less than two weeks after the public disclosure of the Copy Fail vulnerability (CVE-2026-31431), another local privilege escalation (LPE) vulnerability in th...