Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-20T07:39:30Z

Freshness

1 day(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

Current result set after filter and search.

Exploited Flagged

Rows with a non-empty exploitation signal.

Distinct CWE

Unique weakness classes in this view.

Modules

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Active filters Module Windows Local Security Authority Subsystem Service (LSASS) Clear filters

Top CWE

6 classes

CWE-476: NULL Pointer Dereference3 CWE-416: Use After Free2 CWE-20: Improper Input Validation1 CWE-400: Uncontrolled Resource Consumption1 CWE-591: Sensitive Data Storage in Improperly Locked Memory1 Unspecified1

Top Modules

1 modules

Windows Local Security Authority Subsystem Service (LSASS)8

Release Month

April 2026

1 CVE | last update 1 day(s) ago

Release 2026-04-14 Patch Tuesday Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2026-32071	Windows Local Security Authority Subsystem Service (LSASS) Exploitation Less Likely	CWE-476: NULL Pointer Dereference	Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Howard McGreehan with MSRC V&M

Release Month

January 2026

2 CVE | last update 1 day(s) ago

Release 2026-01-13 Patch Tuesday Count 2

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2026-20875	Windows Local Security Authority Subsystem Service (LSASS) Exploitation Less Likely	CWE-476: NULL Pointer Dereference	Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2026-01-13	No	Reported By Ziran Lin with Microsoft
CVE-2026-20854	Windows Local Security Authority Subsystem Service (LSASS) Exploitation Less Likely	CWE-416: Use After Free	Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-01-13	No	Reported By Howard McGreehan with MSRC V&M

Release Month

September 2025

1 CVE | last update 1 day(s) ago

Release 2025-09-09 Patch Tuesday Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-53809	Windows Local Security Authority Subsystem Service (LSASS) Exploitation Less Likely	CWE-20: Improper Input Validation	Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-09-09	No	Reported By Tamas Jos (@skelsec)

Release Month

August 2025

1 CVE | last update 1 day(s) ago

Release 2025-08-12 Patch Tuesday Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-53716	Windows Local Security Authority Subsystem Service (LSASS) Exploitation Less Likely	CWE-476: NULL Pointer Dereference	Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-08-12	No	Reported By Anonymous

Release Month

June 2025

1 CVE | last update 1 day(s) ago

Release 2025-06-10 Patch Tuesday Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-32724	Windows Local Security Authority Subsystem Service (LSASS) Exploitation Unlikely	CWE-400: Uncontrolled Resource Consumption	Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Or Yair with SafeBreach Shahak Morag with SafeBreach

Release Month

December 2024

1 CVE | last update 1 day(s) ago

Release 2024-12-10 Patch Tuesday Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2024-49126	Windows Local Security Authority Subsystem Service (LSASS) Exploitation Less Likely	CWE-416: Use After Free CWE-591: Sensitive Data Storage in Improperly Locked Memory	Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Yuki Chen

Release Month

April 2022

1 CVE | last update 1 day(s) ago

Release 2022-04-12 Patch Tuesday Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2022-24487	Windows Local Security Authority Subsystem Service (LSASS) Exploitation Less Likely	Unspecified	Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2022-04-12	No	Reported By Microsoft Offensive Research & Security Engineering (MORSE)