Andrea Pomaranski, Special Projects IT Engineer May 19, 2026
MiniPlasma zero-day: What it is, how it works, and how to protect your environment
A Windows vulnerability from 2020 is back, and it works on fully patched systems.
MiniPlasma is the latest in a series of Windows zero-day exploits publicly released by a security researcher known as Chaotic Eclipse, also identified as Nightmare-Eclipse on GitHub, and it may be the most straightforward one yet.
YellowKey and GreenPlasma required physical access or left an incomplete proof-of-concept. MiniPlasma works as a standard user and ThreatLocker has confirmed that it can elevate privileges to SYSTEM on fully patched Windows 11 systems running the latest May 2026 updates.
There is no official patch. When asked by SecurityWeek, a Microsoft spokesperson said, “Microsoft is investigating this report and will take appropriate action to protect customers as soon as possible.” The next Patch Tuesday is June 10, 2026.