{"vulnerability": "CVE-2026-45585", "sightings": [{"uuid": "39a5b9ea-7936-4182-b5af-79bbbcabf975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmaxkpcnvx2v", "content": "CVE-2026-45585 - Windows BitLocker Security Feature Bypass Vulnerability\nCVE ID : CVE-2026-45585\n \n Published : May 20, 2026, 12:16 a.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as \"...", "creation_timestamp": "2026-05-20T03:27:50.802847Z"}, {"uuid": "a0350cc3-f00b-425c-9da1-8344478d3b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3mmaukeoobu22", "content": "Microsoft has released CVE-2026-45585 to document YellowKey mitigations.\n\nSpecifically, you remove the FsTx Auto Recovery Utility, `autofstx.exe`, from the WinRE image.\n\nWith this change, the Transactional NTFS replaying that deletes `winpeshl.ini` no longer [\u2026] \n\n[Original post on infosec.exchange]", "creation_timestamp": "2026-05-20T02:33:59.268445Z"}, {"uuid": "edd8a19b-432e-460c-9411-4c4e621bcc79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/116604563324444723", "content": "Microsoft has released CVE-2026-45585 to document YellowKey mitigations.\nSpecifically, you remove the FsTx Auto Recovery Utility, autofstx.exe, from the WinRE image.\nWith this change, the Transactional NTFS replaying that deletes winpeshl.ini no longer happens. It also recommends switching from TPM-only to TPM+PIN.\nBut wait!, you clever security-conscious person exclaims. If the WinRE partition is unencrypted, what stops an attacker from simply splatting back a vulnerable WinRE partition/image?  You are right, you can indeed do this and you'll get a CMD prompt when WinRE is entered.  However, the modification of WinRE will cause the trust relationship between bitlocker and WinRE to fail.  And as such, while you are at your handy cmd.exe prompt, you will not get an automatically-decrypted bitlocker partition.", "creation_timestamp": "2026-05-20T02:35:17.877520Z"}, {"uuid": "787ae1ea-a6fe-426d-96d8-fe90693e39e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://t.me/thehackernews/9043", "content": "\ud83d\udea8 Microsoft released mitigations for YellowKey, a BitLocker bypass tracked as CVE-2026-45585.\n\nThe flaw can let attackers with physical access access encrypted data via WinRE.\n\nMitigations include switching TPM-only BitLocker to TPM+PIN and removing autofstx.exe from WinRE BootExecute.\n\nLearn more: https://thehackernews.com/2026/05/microsoft-releases-mitigation-for.html", "creation_timestamp": "2026-05-20T08:30:56.000000Z"}, {"uuid": "9eec80c2-4dc7-4d84-bfba-223f8d83cdc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://cyberplace.social/users/GossiTheDog/statuses/116605854300742081", "content": "Microsoft have issued a CVE for the YellowKey BitLocker bypass and provided mitigation advice - CVE-2026-45585\nMy take - mitigations too fiddly to actually deploy, BitLocker+PIN mitigates and should be used if you are sensitive to BitLocker bypass threats. \nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585", "creation_timestamp": "2026-05-20T08:02:22.454767Z"}, {"uuid": "ad42b986-222b-458e-a29b-04dc7b67c00e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mmbka5muvma2", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit TheHackerNews Microsoft released mitigations for YellowKey, a publicly disclosed BitLocker bypass tracked as CVE-...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-20T09:02:09.827615Z"}, {"uuid": "e2b4bad3-46ff-4b3e-9625-5f71e99a55be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1878", "content": "", "creation_timestamp": "2026-05-19T21:00:00.000000Z"}, {"uuid": "74e76de4-782b-4612-bc92-95e866fa850e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mmbn6kjc4c27", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-05-20T09:54:45.873590Z"}, {"uuid": "c19117b4-cd16-4150-ac22-9b02f04bd194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://thehackernews.com/2026/05/microsoft-releases-mitigation-for.html", "content": "Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week.\n\nThe zero-day flaw, now tracked as CVE-2026-45585, carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass.\n\n\"Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as 'YellowKey,'\" the", "creation_timestamp": "2026-05-20T06:28:26.000000Z"}, {"uuid": "e351f350-f7e0-4ccf-93b6-a2d4ca8f16db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/sec-news-bot.bsky.social/post/3mmbnofju3e2n", "content": "Microsoft\u3001BitLocker\u56de\u907f\u8106\u5f31\u6027CVE-2026-45585\u306e\u5bfe\u7b56\u3092\u516c\u958b\n\nMicrosoft\u306f\u516c\u958b\u3055\u308c\u305fBitLocker\u56de\u907f\u624b\u6cd5\u300cYellowKey\u300d(CVE-2026-45585\u3001CVSS 6.8)\u3078\u306e\u5bfe\u7b56\u3092\u767a\u8868\u3057\u307e\u3057\u305f\u3002\u3053\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u6697\u53f7\u5316\u30c9\u30e9\u30a4\u30d6\u3078\u306e\u4e0d\u6b63\u30a2\u30af\u30bb\u30b9\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002\n\n#\u30bc\u30ed\u30c7\u30a4 #\u4e0d\u6b63\u30a2\u30af\u30bb\u30b9 #CVE", "creation_timestamp": "2026-05-20T10:03:37.376055Z"}, {"uuid": "c1e08f6f-a550-4c8b-b4bc-881b2eb9ab6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mmbnqfnfpu2x", "content": "Microsoft released a mitigation for the YellowKey BitLocker bypass vulnerability (CVE-2026-45585) affecting multiple Windows 11 and Windows Server 2025 versions.\n", "creation_timestamp": "2026-05-20T10:04:45.187885Z"}, {"uuid": "0020ce28-24cc-4e9a-9d42-985645a60ef0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mmbns4vcrf2a", "content": "\ud83d\udd12 Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit\n\nMicrosoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKe...\n\nhttps://tinyurl.com/3vber65b #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-05-20T10:05:41.914247Z"}, {"uuid": "1a3e4a98-3246-49ef-b961-48f8a1b5e57f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mmbo4sn4wqn2", "content": "Microsoft Releases Mitigation for Windows BitLocker Security Bypass 0-Day Vulnerability Microsoft has disclosed a critical zero-day vulnerability in Windows BitLocker, tracked as CVE-2026-45585, th...\n\n#Cyber #Security #News #Windows #cyber #security #cyber #security #news\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-20T10:12:01.135275Z"}, {"uuid": "4a29b0b3-1d87-4e44-a08f-4b108ba4d11c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3mmboa232x42b", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit", "creation_timestamp": "2026-05-20T10:13:29.408096Z"}, {"uuid": "d527389f-1723-4ab0-8e62-f5612e780f36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/guardingpearsof.bsky.social/post/3mmbogybnxm2u", "content": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585", "creation_timestamp": "2026-05-20T10:17:21.705923Z"}, {"uuid": "8f9b9d0d-d25c-4566-b2a0-5ff54292be01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mmbqhiscq72s", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit", "creation_timestamp": "2026-05-20T10:53:26.822440Z"}, {"uuid": "ada44b2e-ac0b-451e-bc7c-56a9b76e6e89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3mmbouh6ccp2z", "content": "Microsoft has released a mitigation for a critical BitLocker bypass flaw called \u201cYellowKey\u201d (CVE-2026-45585). The vulnerability allows attackers with physical [\u2026]", "creation_timestamp": "2026-05-20T10:24:54.320018Z"}, {"uuid": "67722639-585c-4fc9-87e5-5f69db5ed0bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://t.me/ctinow/250565", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit\nhttps://ift.tt/FjJB0m2", "creation_timestamp": "2026-05-20T09:54:13.000000Z"}, {"uuid": "54a392b9-cb82-47f3-8e1f-826bc710a7ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mmbs7sid3k2v", "content": "Microsoft\u3001\u300cYellowKey\u300dBitLocker\u30d0\u30a4\u30d1\u30b9\u8106\u5f31\u6027\uff08CVE-2026-45585\uff09\u306e\u8efd\u6e1b\u7b56\u3092\u63d0\u4f9b\n\nMicrosoft\u306f\u3001Windows \u306b\u7d44\u307f\u8fbc\u307e\u308c\u305f\u30d5\u30eb\u30c7\u30a3\u30b9\u30af\u6697\u53f7\u5316\u6a5f\u80fd\u3067\u3042\u308b BitLocker \u304c\u63d0\u4f9b\u3059\u308b\u4fdd\u8b77\u3092\u30d0\u30a4\u30d1\u30b9\u3057\u3001\u30e6\u30fc\u30b6\u30fc\u306e\u30c7\u30fc\u30bf\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u305f\u3081\u306b\u653b\u6483\u8005\u304c\u5229\u7528\u3067\u304d\u308b\u8106\u5f31\u6027\u3067\u3042\u308b CVE-2026-45585\uff08\u5225\u540d\u300cYellowkey\u300d\uff09\u306e\u4fee\u6b63\u306b\u53d6\u308a\u7d44\u3093\u3067\u3044\u307e\u3059\u3002 \u305d\u306e\u9593\u3001\u540c\u793e\u306f\u5f71\u97ff", "creation_timestamp": "2026-05-20T11:24:56.409142Z"}, {"uuid": "d551c35c-a2b5-4f9a-b3f2-f6a2c88e1c99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mmbtehbhei2x", "content": "CVE-2026-45585\uff08YellowKey\uff09\u306f\u3001Windows\u306eBitLocker\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6a5f\u80fd\u30d0\u30a4\u30d1\u30b9\u8106\u5f31\u6027\u3067\u3059\u3002Microsoft\u306f\u7de9\u548c\u7b56\u3092\u516c\u958b\u3057\u307e\u3057\u305f\u3002", "creation_timestamp": "2026-05-20T11:45:26.421028Z"}, {"uuid": "3407fdb7-8a8f-4813-bce4-611cb314f1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/10510", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit \u2013 thehackernews.com\n\nWed, 20 May 2026 16:28:26", "creation_timestamp": "2026-05-20T12:04:10.000000Z"}, {"uuid": "68337fa0-6958-4a62-96a6-f97234524022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/reconbee.bsky.social/post/3mmbybj6xq225", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit reconbee.com/microsoft-re...\n\n#microsoft #Yellowkey #bitlocker #cybersecurity #cyberattack #exploit", "creation_timestamp": "2026-05-20T13:13:22.564959Z"}, {"uuid": "57cdb9a1-e6c1-466f-9171-1dec9830d482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116607139357741122", "content": "\nMicrosoft is aware of a security feature bypass vulnerability in Windows publicly referred to as \"YellowKey\". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices.\nI know people here probably don't want to rehash the disclosure discussion for the 683,547,329th time, but fuck Microsoft and this passive aggressive bullshit trying to frame their own interests as \"best practices\" in a vuln mitigation publication. Your shit is getting torn apart. Act like you've been there before because we all know you have.\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585", "creation_timestamp": "2026-05-20T13:29:03.395085Z"}, {"uuid": "0a59dc57-06a0-4e1e-8f80-ff39df41ff31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/se-nyheter.bsky.social/post/3mmc2vmgtyu27", "content": "Microsoft uppmanar till \u00e5tg\u00e4rder mot Bitlocker-s\u00e5rbarheten Yellowkey\n\nhttps://www.europesays.com/se/251208/\n\nMicrosoft har nu sl\u00e4ppt \u00e5tg\u00e4rder f\u00f6r att skydda mot zero day-s\u00e5rbarheten Yellowkey, rapporterar Bleeping Computer. S\u00e5rbarheten (CVE-2026-45585) kan\u2026", "creation_timestamp": "2026-05-20T14:00:17.856167Z"}, {"uuid": "9c7a00c5-a101-4b4e-8e90-a38979fe66ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/mm-ilsoftware-bot.bsky.social/post/3mmc2w4xjco2d", "content": "BitLocker sotto attacco: Microsoft spiega come fermare YellowKey\nMicrosoft conferma CVE-2026-45585: YellowKey sfrutta WinRE e file FsTx per aggirare BitLocker. Ecco come funzio...\nhttps://www.ilsoftware.it/correzione-vulnerabilita-bitlocker-yellowkey/", "creation_timestamp": "2026-05-20T14:00:35.333899Z"}, {"uuid": "dd9604e5-5964-4345-88f2-9b6502bdb7bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmc3hfcycd2m", "content": "\ud83d\udd17 CVE : CVE-2026-42834, CVE-2026-45585, CVE-2026-42834, CVE-2026-45585", "creation_timestamp": "2026-05-20T14:10:14.170776Z"}, {"uuid": "013d3d30-a795-4cb3-b463-04981dc89502", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mmc5gdwqrh2s", "content": "Microsoft has issued mitigations for YellowKey, a Windows BitLocker zero-day tracked as CVE-2026-45585. The flaw can bypass drive protection and expose protected disks. #YellowKey #CVE202645585 #BitLocker", "creation_timestamp": "2026-05-20T14:45:27.969647Z"}, {"uuid": "52120f53-71d7-4bfb-9623-c4bf053963d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mmc4hhnkw62n", "content": "CVE-2026-45585: Windows BitLocker \u2014 YellowKey Recovery Bypass Analysis", "creation_timestamp": "2026-05-20T14:28:11.315310Z"}, {"uuid": "10d27894-6a37-4285-92ba-8f20dea79492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://infosec.exchange/users/threatcodex/statuses/116607767107677490", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit#CVE_2026_45585 https://thehackernews.com/2026/05/microsoft-releases-mitigation-for.html", "creation_timestamp": "2026-05-20T16:08:41.812960Z"}, {"uuid": "cebce0b9-ddb3-4c38-8709-44af4700791e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/malekal.com/post/3mmcaadq3uk2h", "content": "[ACTU] Microsoft publie une mitigation temporaire pour YellowKey (CVE-2026-45585), une faille zero-day BitLocker permettant de contourner le chiffrement via WinRE. \nTout savoir \ud83d\udc47\n\nwww.malekal.com/yellowkey-mi...", "creation_timestamp": "2026-05-20T15:35:49.847441Z"}, {"uuid": "4198947a-04ba-451d-8372-05081770c80e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mmcsev2tdj22", "content": "Microsoft released mitigations for YellowKey, a zero-day flaw tracked as CVE-2026-45585 that can bypass BitLocker on Windows systems with physical access via USB and WinRE shell access. #YellowKey #BitLocker #WinRE", "creation_timestamp": "2026-05-20T21:00:26.722821Z"}, {"uuid": "ce1dd970-48ef-4d33-8ab3-52bb366d2258", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/winfuture.de/post/3mmchiqknwj2s", "content": "Neue BitLocker-L\u00fccke YellowKey: Microsoft best\u00e4tigt Zero-Day-Schwachstelle CVE-2026-45585. Angreifer mit physischem Zugriff k\u00f6nnen verschl\u00fcsselte Laufwerke entschl\u00fcsseln. #Microsoft #Windows", "creation_timestamp": "2026-05-20T17:46:12.687309Z"}, {"uuid": "cedee514-33f7-4209-ba4f-34790584ecbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116608679045057596", "content": "A lot of offensive activities were identified targeting Microsoft Windows (CVE-2026-45585) https://vuldb.com/vuln/364751/cti", "creation_timestamp": "2026-05-20T20:00:36.889716Z"}, {"uuid": "dc9a90f5-3ae9-4552-a197-bff158a32bd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mmdb2j3z7q2n", "content": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u306f\u3001BitLocker\u306e\u30d0\u30a4\u30d1\u30b9\u8106\u5f31\u6027\u300cYellowKey\u300d\uff08CVE-2026-45585\uff09\u306b\u5bfe\u3059\u308b\u5bfe\u7b56\u3092\u63d0\u4f9b\u3057\u3066\u3044\u307e\u3059 \n\nMicrosoft provides mitigation for \u201cYellowKey\u201d BitLocker bypass flaw (CVE-2026-45585)  #HelpNetSecurity (May 20)\n\nwww.helpnetsecurity.com/2026/05/20/y...", "creation_timestamp": "2026-05-21T01:23:04.486963Z"}, {"uuid": "61111fcd-730f-4335-b302-35e7f6314f68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/sleepydogtsjp.bsky.social/post/3mmcuqu7ejs24", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit\nthehackernews.com/2026/05/micr...", "creation_timestamp": "2026-05-20T21:43:12.192786Z"}, {"uuid": "06fdd8e5-1a19-4746-8aad-1eddddde981e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/cybersecurity.page/post/3mmdwaz6d3h2g", "content": "Microsoft has issued a mitigation for the YellowKey BitLocker bypass exploit, identified as CVE-2026-45585.", "creation_timestamp": "2026-05-21T07:42:30.890664Z"}, {"uuid": "ae252dc7-cb10-4c1f-afcf-c2b16b397da2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "published-proof-of-concept", "source": "Telegram/LRuVHO_NRtLslMv_pxl3JYoJM5ygIHd_ktikilExPtpHxGM", "content": "", "creation_timestamp": "2026-05-20T15:00:07.000000Z"}, {"uuid": "8a9e0b66-f600-4695-95ec-44e80436a541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mmech6vqyk2f", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585\nExploit\nthehackernews.com/2026/05/micr...", "creation_timestamp": "2026-05-21T11:20:49.594686Z"}, {"uuid": "55c2b484-28f2-4221-9019-62e4a609f6f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/116611976276171221", "content": "Microsoft has released a mitigation for the YellowKey BitLocker bypass vulnerability, tracked as CVE-2026-45585, which allows attackers with physical access to gain unauthorized entry to encrypted volumes. Users can protect their systems by disabling the autofstx.exe utility in the WinRE image and switching to TPM+PIN authentication.https://thehackernews.com/2026/05/microsoft-releases-mitigation-for.html", "creation_timestamp": "2026-05-21T09:59:08.552297Z"}, {"uuid": "3e7f5d50-9bd9-485f-a0c4-38ae0b377738", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mmevr3uy3z25", "content": "Microsoft assigned CVE-2026-45585 on May 19 to a publicly disclosed BitLocker bypass called YellowKey. An attacker with physical access can boot a Windows 11 or Server 2025 device into the recovery environment, hold CTRL, and drop into an unrestricted shell that reads the encrypted drive. ...", "creation_timestamp": "2026-05-21T17:06:18.179806Z"}, {"uuid": "1aa89b9c-e17b-4013-af06-bf0c6b89882c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://threatintel.cc/2026/05/21/microsoft-releases-mitigation-for-yellowkey.html", "content": "Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit\n\nMicrosoft has released a mitigation for the YellowKey BitLocker bypass vulnerability, tracked as CVE-2026-45585, which allows attackers with physical access to gain unauthorized entry to encrypted volumes. Users can protect their systems by disabling the autofstx.exe utility in the WinRE image and switching to TPM+PIN authentication.", "creation_timestamp": "2026-05-21T07:59:18.000000Z"}, {"uuid": "54f2719f-5345-4757-9436-d45ea1a21765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://www.acn.gov.it/portale/w/microsoft-disponibili-poc-per-lo-sfruttamento-di-vulnerabilita-zero-day", "content": "", "creation_timestamp": "2026-05-14T09:14:46.000000Z"}, {"uuid": "0612b951-2512-4bd6-adec-850c6ecc63a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://t.me/xakep_ru/19411", "content": "\u0412 Microsoft \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f \u043e\u0442 0-day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 YellowKey \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 BitLocker\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Microsoft \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u0434\u043b\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b YellowKey \u2014 0-day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 BitLocker, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u043d\u0430 Windows-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043f\u0440\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2026-45585 \u0438 \u043e\u0446\u0435\u043d\u043a\u0443 6,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS.\n\nhttps://xakep.ru/2026/05/21/yellowkey-migration/", "creation_timestamp": "2026-05-21T17:39:45.000000Z"}, {"uuid": "bae9076a-f155-472d-8c1b-01ecf7d32c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "Telegram/JfumLqqEttLUN3Hr7F6RShIuFrO1EDvPssD3PN1Is6yjoQ", "content": "", "creation_timestamp": "2026-05-20T13:04:10.000000Z"}, {"uuid": "30e883c0-daf3-4106-a3dd-35efb5773cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45585", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mmhlcgr2r42v", "content": "\ud83d\udd0d Top signals this week:\n\nCVEs: CVE-2026-20182, CVE-2026-42897, CVE-2026-45585, CVE-2026-42945, CVE-2026-9082\nActors: Ransomware, Apt, Play\n\nFull intel: https://matlock.ca/cybersecnews", "creation_timestamp": "2026-05-22T18:37:06.740400Z"}]}