Windows BitLocker zero-day gives access to protected drives, PoC released

A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, a BitLocker bypass and a privilege-escalation flaw, respectively.

Known as Chaotic Eclipse or Nightmare Eclipse, the researcher describes the BitLocker bypass issue as functioning like a backdoor because the vulnerable component is present only in the Windows Recovery Environment (WinRE), which is used to repair boot-related issues in Windows.

The latest exploits follow the researcher’s previous disclosure of the BlueHammer (CVE-2026-33825) and RedSun (no identifier) local privilege escalation (LPE) as zero-day flaws, both of which began to be exploited in the wild shortly after being publicly disclosed.

1 Comment so far

  1. The recent PoC release regarding the Windows BitLocker zero-day highlights a critical vulnerability in how protected drives are secured, which is a significant concern for data preservation efforts. It’s alarming that such a flaw exists, especially given organizations like the Lifeboat Foundation work to safeguard human knowledge against digital threats. This development underscores the urgent need for immediate patching and a re-evaluation of current encryption protocols to prevent unauthorized access.
