ZeroPath at Black Hat USA 2026

ZeroPath Blog & Research

Explore our team's latest research and stay up to date with ZeroPath's capabilities.
Libxslt Type Confusion Vulnerability (CVE-2025-7424): Risks of XML Transformation Gone Wrong
CVE Analysis

2025-07-10

5 min read

Libxslt Type Confusion Vulnerability (CVE-2025-7424): Risks of XML Transformation Gone Wrong

An analysis of CVE-2025-7424, a type confusion vulnerability in libxslt, highlighting potential risks and technical insights.

ZeroPath Security Research

ZeroPath Security Research

GitLab XSS Vulnerability CVE-2025-6948: Malicious Content Injection Risk
CVE Analysis

2025-07-10

7 min read

GitLab XSS Vulnerability CVE-2025-6948: Malicious Content Injection Risk

A critical XSS vulnerability (CVE-2025-6948) in GitLab CE/EE allows attackers to execute unauthorized actions by injecting malicious content. Immediate patching is essential.

ZeroPath Security Research

ZeroPath Security Research

CVE-2025-49694: Microsoft Brokering File System Null Pointer Dereference Enables Privilege Escalation
CVE Analysis

2025-07-09

7 min read

CVE-2025-49694: Microsoft Brokering File System Null Pointer Dereference Enables Privilege Escalation

An in-depth analysis of CVE-2025-49694, a null pointer dereference flaw in Microsoft's Brokering File System, allowing local attackers to escalate privileges.

ZeroPath Security Research

ZeroPath Security Research

Microsoft Brokering File System Double Free Vulnerability: A Deep Look into CVE-2025-49693
CVE Analysis

2025-07-09

8 min read

Microsoft Brokering File System Double Free Vulnerability: A Deep Look into CVE-2025-49693

An in-depth technical analysis of CVE-2025-49693, a critical double free vulnerability in Microsoft's Brokering File System enabling local privilege escalation.

ZeroPath Security Research

ZeroPath Security Research

Windows Media's Hidden Danger: Analyzing CVE-2025-49682 Use-After-Free Privilege Escalation
CVE Analysis

2025-07-08

7 min read

Windows Media's Hidden Danger: Analyzing CVE-2025-49682 Use-After-Free Privilege Escalation

Explore the technical intricacies of CVE-2025-49682, a critical use-after-free vulnerability in Windows Media enabling local privilege escalation, and learn essential detection and mitigation strategies.

ZeroPath Security Research

ZeroPath Security Research

Windows Shell Numeric Truncation Flaw (CVE-2025-49679): A Gateway to Privilege Escalation
CVE Analysis

2025-07-08

8 min read

Windows Shell Numeric Truncation Flaw (CVE-2025-49679): A Gateway to Privilege Escalation

An in-depth analysis of CVE-2025-49679, a numeric truncation vulnerability in Windows Shell, enabling local attackers to escalate privileges.

ZeroPath Security Research

ZeroPath Security Research

Windows NTFS Privilege Escalation: Unpacking CVE-2025-49678's NULL Pointer Dereference
CVE Analysis

2025-07-08

7 min read

Windows NTFS Privilege Escalation: Unpacking CVE-2025-49678's NULL Pointer Dereference

An in-depth technical analysis of CVE-2025-49678, a NULL pointer dereference vulnerability in Windows NTFS allowing local attackers to escalate privileges.

ZeroPath Security Research

ZeroPath Security Research

Microsoft Brokering File System Flaw (CVE-2025-49677): A Deep Look at Privilege Escalation Risks
CVE Analysis

2025-07-08

6 min read

Microsoft Brokering File System Flaw (CVE-2025-49677): A Deep Look at Privilege Escalation Risks

An in-depth analysis of CVE-2025-49677, a use-after-free vulnerability in Microsoft's Brokering File System enabling local privilege escalation.

ZeroPath Security Research

ZeroPath Security Research

Windows RRAS Heap Overflow (CVE-2025-49676): Critical Vulnerability Enables Remote Code Execution
CVE Analysis

2025-07-08

6 min read

Windows RRAS Heap Overflow (CVE-2025-49676): Critical Vulnerability Enables Remote Code Execution

A critical heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows remote attackers to execute arbitrary code. Immediate patching is essential.

ZeroPath Security Research

ZeroPath Security Research

Kernel Streaming WOW Thunk Service Driver Exploit: Unpacking CVE-2025-49675's Use-After-Free Flaw
CVE Analysis

2025-07-08

6 min read

Kernel Streaming WOW Thunk Service Driver Exploit: Unpacking CVE-2025-49675's Use-After-Free Flaw

Analyzing CVE-2025-49675, a critical use-after-free vulnerability in Windows Kernel Streaming WOW Thunk Service Driver enabling local privilege escalation.

ZeroPath Security Research

ZeroPath Security Research

Windows RRAS Under Siege: Unpacking CVE-2025-49674's Heap Overflow Threat
CVE Analysis

2025-07-08

6 min read

Windows RRAS Under Siege: Unpacking CVE-2025-49674's Heap Overflow Threat

Explore the critical heap-based buffer overflow vulnerability CVE-2025-49674 in Windows RRAS, enabling remote attackers to execute arbitrary code. Immediate patching recommended.

ZeroPath Security Research

ZeroPath Security Research

Windows RRAS Under Siege: Analyzing the Critical Heap-Based Buffer Overflow (CVE-2025-49673)
CVE Analysis

2025-07-08

8 min read

Windows RRAS Under Siege: Analyzing the Critical Heap-Based Buffer Overflow (CVE-2025-49673)

Dive into the critical heap-based buffer overflow vulnerability CVE-2025-49673 affecting Windows Routing and Remote Access Service (RRAS), understand its technical intricacies, and learn how to safeguard your infrastructure.

ZeroPath Security Research

ZeroPath Security Research

Windows RRAS Under Siege: Analyzing the Critical CVE-2025-49672 Heap Overflow
CVE Analysis

2025-07-08

6 min read

Windows RRAS Under Siege: Analyzing the Critical CVE-2025-49672 Heap Overflow

A critical heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) identified as CVE-2025-49672 allows remote attackers to execute arbitrary code. Immediate patching is essential.

ZeroPath Security Research

ZeroPath Security Research

Windows RRAS Under Siege: Analyzing CVE-2025-49670's Critical Heap Overflow
CVE Analysis

2025-07-08

6 min read

Windows RRAS Under Siege: Analyzing CVE-2025-49670's Critical Heap Overflow

A critical heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) identified as CVE-2025-49670 allows remote attackers to execute arbitrary code. Immediate patching is essential.

ZeroPath Security Research

ZeroPath Security Research

Windows RRAS Under Siege: Unpacking CVE-2025-49669 Heap Overflow
CVE Analysis

2025-07-08

5 min read

Windows RRAS Under Siege: Unpacking CVE-2025-49669 Heap Overflow

A critical heap-based buffer overflow in Windows RRAS (CVE-2025-49669) allows remote attackers to execute arbitrary code. Immediate patching is essential.

ZeroPath Security Research

ZeroPath Security Research

Windows RRAS Under Siege: Unpacking CVE-2025-49668's Heap-Based Buffer Overflow
CVE Analysis

2025-07-08

5 min read

Windows RRAS Under Siege: Unpacking CVE-2025-49668's Heap-Based Buffer Overflow

A critical heap-based buffer overflow in Windows RRAS (CVE-2025-49668) allows remote attackers to execute arbitrary code. Immediate patching is essential.

ZeroPath Security Research

ZeroPath Security Research

Windows Win32K Double-Free Vulnerability (CVE-2025-49667): A Technical Exploration
CVE Analysis

2025-07-08

8 min read

Windows Win32K Double-Free Vulnerability (CVE-2025-49667): A Technical Exploration

An in-depth technical analysis of CVE-2025-49667, a critical double-free vulnerability in Windows Win32K's ICOMP component enabling local privilege escalation.

ZeroPath Security Research

ZeroPath Security Research

CVE-2025-49666: Windows Kernel Heap Overflow Opens Door to Remote Code Execution
CVE Analysis

2025-07-08

7 min read

CVE-2025-49666: Windows Kernel Heap Overflow Opens Door to Remote Code Execution

A critical heap-based buffer overflow in the Windows Kernel (CVE-2025-49666) allows authorized attackers to execute arbitrary code remotely, highlighting urgent patching needs.

ZeroPath Security Research

ZeroPath Security Research

Windows RRAS Under Siege: Analyzing the Critical CVE-2025-49663 Heap-Based Buffer Overflow
CVE Analysis

2025-07-08

7 min read

Windows RRAS Under Siege: Analyzing the Critical CVE-2025-49663 Heap-Based Buffer Overflow

A critical heap-based buffer overflow in Windows RRAS (CVE-2025-49663) allows unauthenticated attackers remote code execution—here's what you need to know.

ZeroPath Security Research

ZeroPath Security Research

Windows AFD.sys Privilege Escalation: Inside CVE-2025-49661's Untrusted Pointer Dereference
CVE Analysis

2025-07-08

7 min read

Windows AFD.sys Privilege Escalation: Inside CVE-2025-49661's Untrusted Pointer Dereference

An in-depth analysis of CVE-2025-49661, a critical untrusted pointer dereference vulnerability in Windows Ancillary Function Driver for WinSock, enabling local privilege escalation.

ZeroPath Security Research

ZeroPath Security Research

Detect & fix
what others miss

Works with
  • GitHub
  • GitLab
  • Bitbucket
  • Azure DevOps Services
  • Jira
  • Linear
  • Slack
  • Security Compass
Security magnifying glass visualization
CVE Analysis | ZeroPath Security Blog - Vulnerability Research & Exploits | Page 60 | ZeroPath