ZeroPath Blog & Research
Explore our team's latest research and stay up to date with ZeroPath's capabilities.
CVE Analysis
•2025-05-13
•6 min read
Silent Threat: CVE-2025-30386 Exploits Microsoft Office Preview Pane for Remote Code Execution
CVE-2025-30386, a critical use-after-free vulnerability in Microsoft Office, allows attackers to execute code silently via the Preview Pane, posing significant risks to enterprise security.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
Windows CLFS Driver CVE-2025-30385: A Deep Look into Use-After-Free Privilege Escalation
An in-depth technical analysis of CVE-2025-30385, a use-after-free vulnerability in Windows CLFS Driver enabling local privilege escalation.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
CVE-2025-30384: Microsoft SharePoint Deserialization Flaw Opens Door to Local RCE
An in-depth analysis of CVE-2025-30384, a deserialization vulnerability in Microsoft SharePoint allowing local attackers to execute arbitrary code.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•7 min read
Excel's Type Confusion Trouble: Unpacking CVE-2025-30383's Local Code Execution Risk
A detailed technical analysis of CVE-2025-30383, a critical type confusion vulnerability in Microsoft Excel enabling local code execution.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
Microsoft SharePoint's CVE-2025-30382: Unpacking the Deserialization RCE Risk
Explore the technical details behind CVE-2025-30382, a critical deserialization vulnerability in Microsoft SharePoint Server enabling remote code execution.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
Excel Under Siege: Unpacking CVE-2025-30381's Out-of-Bounds Read Exploit
A critical out-of-bounds read vulnerability in Microsoft Excel (CVE-2025-30381) exposes users to potential local code execution. Discover the technical details, mitigation strategies, and patch information to safeguard your systems.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
Excel's Memory Mishap: Analyzing CVE-2025-30379's Invalid Pointer Vulnerability
Explore CVE-2025-30379, a critical memory handling flaw in Microsoft Excel, allowing local attackers to execute arbitrary code via specially crafted documents.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
Microsoft SharePoint Under Siege: Unpacking CVE-2025-30378 Deserialization Flaw
A detailed technical analysis of CVE-2025-30378, a critical deserialization vulnerability in Microsoft SharePoint enabling local code execution.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
Silent Threat: CVE-2025-30377 Exploits Microsoft Office Preview Pane for Remote Code Execution
CVE-2025-30377, a critical use-after-free vulnerability in Microsoft Office, enables attackers to execute arbitrary code via Outlook's Preview Pane without user interaction.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•7 min read
Excel Under Siege: Analyzing CVE-2025-30376 Heap-Based Buffer Overflow
A detailed technical analysis of CVE-2025-30376, a heap-based buffer overflow vulnerability in Microsoft Excel, enabling local attackers to execute arbitrary code.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
Excel's Type Confusion Trouble: Unpacking CVE-2025-30375
A detailed exploration of CVE-2025-30375, a type confusion vulnerability in Microsoft Excel enabling local code execution.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
Excel Under Attack: Unpacking CVE-2025-29979 Heap Overflow Vulnerability
A detailed technical analysis of CVE-2025-29979, a heap-based buffer overflow in Microsoft Office Excel, enabling local attackers to execute arbitrary code.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
PowerPoint Peril: Unpacking CVE-2025-29978's Use-After-Free Exploit
An in-depth technical analysis of CVE-2025-29978, a use-after-free vulnerability in Microsoft PowerPoint enabling local code execution.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
Excel Under Siege: Unpacking CVE-2025-29977's Use-After-Free Vulnerability
A detailed technical analysis of CVE-2025-29977, a critical use-after-free vulnerability in Microsoft Excel, including affected versions, exploitation methods, and mitigation strategies.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•5 min read
Microsoft SharePoint Privilege Escalation Alert: Inside CVE-2025-29976
A critical privilege escalation vulnerability (CVE-2025-29976) in Microsoft SharePoint could allow authorized users to gain unauthorized administrative privileges. Immediate patching recommended.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
WTD.sys Under Siege: Analyzing CVE-2025-29971's Kernel-Level DoS Threat
Explore the kernel-mode vulnerability CVE-2025-29971 in Microsoft's Web Threat Defense (WTD.sys), enabling remote attackers to trigger denial-of-service conditions.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
Microsoft Brokering File System Flaw CVE-2025-29970: A Deep Look at Privilege Escalation Risks
Explore the critical use-after-free vulnerability CVE-2025-29970 in Microsoft's Brokering File System, enabling local attackers to escalate privileges to SYSTEM level.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•6 min read
CVE-2025-29969: Windows Fundamentals TOCTOU Race Condition Opens Door to Network-Based Code Execution
A detailed technical analysis of CVE-2025-29969, a high-severity TOCTOU race condition in Windows Fundamentals, enabling network-based code execution.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•5 min read
Critical Heap Overflow in Microsoft RD Gateway (CVE-2025-29967): Remote Code Execution Risk
A detailed technical analysis of CVE-2025-29967, a critical heap-based buffer overflow in Microsoft's Remote Desktop Gateway Service, enabling remote code execution without authentication.
ZeroPath Security Research
CVE Analysis
•2025-05-13
•7 min read
Windows Remote Desktop Under Siege: Analyzing CVE-2025-29966 Heap Overflow
A critical heap-based buffer overflow in Windows Remote Desktop Client (CVE-2025-29966) allows remote attackers to execute arbitrary code without user interaction. We dissect the vulnerability, exploitation methods, and essential mitigation strategies.
ZeroPath Security Research