Security Feature Bypass in Windows by Microsoft
CVE-2026-45585

6.8 MEDIUM

Key Information:

Badges

📈 Score: 569 · 👾 Exploit Exists · 🟡 Public PoC · 📰 News Worthy

What is CVE-2026-45585?

CVE-2026-45585 is a vulnerability affecting Microsoft Windows, classified as a security feature bypass. The vulnerability, colloquially known as "YellowKey," is a flaw in Windows that allows attackers to circumvent established security protocols. Such a bypass can undermine the integrity of the system, enabling malicious actors to manipulate or access sensitive information without proper authorization. Windows is a widely used operating system and is critical for many organizations, so this vulnerability poses a significant risk to their operational security and data protection practices. The existence of this flaw underscores the importance of maintaining robust security measures and keeping systems updated to protect against potential exploitation.

Potential impact of CVE-2026-45585

  1. Unauthorized Access: Exploiting this vulnerability could grant attackers unauthorized access to systems, allowing them to execute malicious activities without detection. This access can lead to extensive data breaches and compromise sensitive information.

  2. Data Integrity Compromise: The ability to bypass security features may result in alterations or deletions of critical system data, jeopardizing the integrity of information stored within affected systems. This could have severe consequences for business operations and regulatory compliance.

  3. Increased Attack Surface: By facilitating unauthorized operations, this vulnerability broadens the potential attack surface for organizations. It may encourage further attempts at exploitation, including the deployment of additional malware or ransomware, escalating the overall cybersecurity risk landscape.

Affected Version(s)

Windows 11 Version 24H2 x64-based Systems -

Windows 11 Version 25H2 x64-based Systems -

Windows 11 version 26H1 x64-based Systems -

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

Microsoft provides mitigation for "YellowKey" BitLocker bypass flaw (CVE-2026-45585) - Help Net Security

Microsoft is working on a fix for CVE-2026-45585 (aka "Yellowkey"), a vulnerability that can be used to bypass Windows' BitLocker protection.

1 day ago

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

Ravie Lakshmanan | May 20, 2026 | Vulnerability / Encryption

2 days ago

Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585) - IT Security News

Microsoft is working on a fix for CVE-2026-45585 (aka “Yellowkey”), a vulnerability that can be used by attackers to bypass protections offered by BitLocker, the full-disk encryption feature built into Windows, and access users’ data. In the meantime, the company…

2 days ago

CVSS V3.1

Score: 6.8
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Physical
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • 📰 First article discovered by Securityweek

  • Vulnerability published

  • Vulnerability Reserved