Patch Tuesday Analysis · May 2026 May 2026 Patch Tuesday: No Zero-Days for the First Time in 23 Months, but Three Unauthenticated 9.8 RCEs in the Queue Microsoft fixes 118 to 138 CVEs depending on methodology, including 16 critical, with no actively exploited or publicly disclosed vulnerability. First Patch Tuesday without a zero-day since June…
CTI Analysis · Unpatched Windows Vulnerability MiniPlasma: Chaotic Eclipse Reopens cldflt.sys and Revives the Question of Microsoft Patch Durability A fifth uncoordinated public disclosure in six weeks, a PoC targeting the Windows Cloud Files Mini Filter Driver, and an extraordinary claim: the CVE-2020-17103 patch would not be present on fully patched Windows 11 and Windows…
Technical Analysis · Linux Kernel Vulnerability Reading Root-Owned Files Without Privilege: What CVE-2026-46333 Reveals About Nine Years of Blind Spot in the Linux Kernel A race window in the Linux kernel ptrace access control allows, via pidfd_getfd(2), the theft of file descriptors held by SUID root binaries about to terminate. Two public exploits exfiltrate SSH…
