A [security researcher's writeup](https://mrbruh.com/msicenter/) published this week details a local privilege escalation (LPE) in MSI Center, the system management utility bundled with MSI gaming mot
Security researchers have disclosed **CVE-2026-46242**, nicknamed "Bad Epoll" — a local privilege escalation (LPE) flaw in the Linux kernel's `epoll` subsystem. The vulnerability allows any unprivileg
The Cybersecurity and Infrastructure Security Agency (CISA) [confirmed Monday](https://www.bleepingcomputer.com/news/security/cisa-windows-bluehammer-flaw-now-exploited-by-ransomware-gangs/) that rans
A public, working exploit for **CVE-2026-46331** — nicknamed "pedit COW" — is already in the wild. Any local unprivileged user on a vulnerable Linux system can use it to gain root. If you run Linux se
A Linux kernel privilege escalation flaw tracked as **CVE-2026-43503** (CVSS 8.8) — dubbed **DirtyClone** — now has a fully working public exploit as of June 25. This is an immediate patching emergenc
**Patch deadline: June 18, 2026.** That is 48 hours from now.
A public proof-of-concept exploit for an unpatched Microsoft Defender vulnerability has been released, granting SYSTEM-level access on fully updated Windows machines. There is currently no patch avail
Microsoft's June 2026 Patch Tuesday — the largest in company history at [nearly 200 vulnerabilities patched in a single cycle](https://krebsonsecurity.com/2026/06/a-record-breaking-patch-tuesday-for-j
Security researchers have published a [detailed, working exploit](https://thehackernews.com/2026/06/one-character-linux-kernel-flaw-enables.html) for **CVE-2026-23111**, a use-after-free vulnerability
Attackers are actively exploiting a critical privilege escalation vulnerability in the Kirki Customizer Framework plugin for WordPress, using it to silently promote themselves to administrator on any
A newly disclosed local privilege escalation (LPE) vulnerability, dubbed **CIFSwitch**, has been found in the Linux kernel. [BleepingComputer reports](https://www.bleepingcomputer.com/news/security/ne
This week's alerts share an uncomfortable common thread: local privilege escalation has become so routine that three separate Linux kernel LPE bugs surfaced within a fortnight, Windows shipped with a