MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems

Monday, May 18, 2026 at 04:59 AM UTC·Source: The Hacker News

Updated: Monday, May 18, 2026 at 09:01 AM UTC

Executive Summary

Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attackers SYSTEM privileges on fully patched Windows systems. Codenamed MiniPlasma, the vulnerability impacts "cldflt.sys," which refers to the Windows Cloud Files Mini Filter Driver,

Analysis

Source Attribution

Originally published by The Hacker News on May 18, 2026.

Related Threats

CRITICALZero Day

‘Patched’ Windows bug resurfaces 6 years later as working SYSTEM-level exploit

An old elevation-of-privilege (EoV) vulnerability affecting the Cloud Filter driver “cldflt.sys” in Windows has come back to haunt Microsoft, as researchers claim it is still exploitable six years after it was supposedly patched. The flaw, originally reported to Microsoft by Google Project Zero researcher James Forshaw in September 2020, was recently picked up by Nightmare Eclipse , a researcher o

CVE-2020-17103CVE-2026-33825

2h agoCSO Online

CRITICALZero Day

Zero-Day Exploit Against Windows BitLocker

It’s nasty , but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in

3h agoSchneier on Security

CRITICALZero Day

Security Researchers Find 47 Zero-Days at Pwn2Own Berlin

The research community was awarded $1.3m as it found dozens of novel vulnerabilities at Pwn2Own Berlin

4h agoInfosecurity Magazine