DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE)
Privilege escalation lets an attacker gain elevated access, which can enable data theft or system control; least privilege and patching limit impact.
Search across headline titles and summaries.
Background for this topic.
Privilege escalation is gaining access beyond the permissions assigned to an account, process, or service. Vertical escalation moves from a lower-privileged role to an administrator or system account; horizontal escalation accesses another user’s resources at a similar privilege level. Attack paths include software vulnerabilities, insecure authorization checks, exposed credentials, unsafe service configurations, and excessive permissions in operating systems, applications, cloud environments, or containers.
Successful escalation can let an attacker change security settings, access protected data, execute code as a trusted service, or establish control that survives an initial compromise. The most relevant defenses are least-privilege access, strong separation of administrative accounts, server-side authorization checks for every sensitive action, timely remediation of exploitable flaws, and review of permissions for users, services, and workloads. Logging privileged actions and unusual account or process behavior supports detection and helps determine whether a compromised low-privilege foothold reached higher-value systems.
Weekly headline count for the current query.
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges
Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges
SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild
Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution. The vulnerability impacting Zoom Clients for Windows, tracked as CVE-2025-49457 (CVSS score: 9.6), relates to a case of an untrusted search path that could pave the way for privilege escalation
Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the United States
Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild
Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates