Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-20T07:39:30Z

Freshness

1 day(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4933

Current result set after filter and search.

Exploited Flagged

4189

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1528

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow354 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1528 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

October 2025

50 CVE | last update 1 day(s) ago

Release 2025-10-14 Patch Tuesday Count 50

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-59197	Windows ETL Channel Exploitation Less Likely	CWE-532: Insertion of Sensitive Information into Log File	Windows ETL Channel Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Aobo Wang
CVE-2025-59258	Windows Active Directory Federation Services (ADFS) Exploitation Less Likely	CWE-532: Insertion of Sensitive Information into Log File	Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-47979	Microsoft Failover Cluster Exploitation Less Likely	CWE-532: Insertion of Sensitive Information into Log File	Microsoft Failover Cluster Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-59287	Windows Server Update Service (WSUS) Exploitation More Likely	CWE-502: Deserialization of Untrusted Data	Windows Server Update Service (WSUS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C	2025-10-14	No	Reported By Markus Wulftange with CODE WHITE GmbH MEOW f7d8c52bec79e42795cf15888b85cbad
CVE-2025-55698	DirectX Graphics Kernel Exploitation Less Likely	CWE-476: NULL Pointer Dereference	DirectX Graphics Kernel Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By cyanbamboo
CVE-2025-53768	Xbox IStorageService Exploitation Unlikely	CWE-416: Use After Free CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Xbox IStorageService Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By R4nger with CyberKunLun & Zhiniang Peng with HUST
CVE-2025-59210	Windows Resilient File System (ReFS) Deduplication Service Exploitation Unlikely	CWE-416: Use After Free	Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Hwiwon Lee (hwiwonl), SEC-agent team Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat
CVE-2025-59206	Windows Resilient File System (ReFS) Deduplication Service Exploitation Unlikely	CWE-416: Use After Free	Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Taewoo (Tae_ω02)
CVE-2025-59202	Windows Remote Desktop Services Exploitation Less Likely	CWE-416: Use After Free	Windows Remote Desktop Services Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By k0shl with Kunlun Lab
CVE-2025-55691	Windows PrintWorkflowUserSvc Exploitation Less Likely	CWE-416: Use After Free	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat Hwiwon Lee (hwiwonl), SEC-agent team
CVE-2025-55690	Windows PrintWorkflowUserSvc Exploitation Less Likely	CWE-416: Use After Free	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat Hwiwon Lee (hwiwonl), SEC-agent team
CVE-2025-55689	Windows PrintWorkflowUserSvc Exploitation Less Likely	CWE-416: Use After Free	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat Hwiwon Lee (hwiwonl), SEC-agent team
CVE-2025-55688	Windows PrintWorkflowUserSvc Exploitation Less Likely	CWE-416: Use After Free	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat Hwiwon Lee (hwiwonl), SEC-agent team
CVE-2025-55686	Windows PrintWorkflowUserSvc Exploitation Less Likely	CWE-416: Use After Free	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat Hwiwon Lee (hwiwonl), SEC-agent team
CVE-2025-55685	Windows PrintWorkflowUserSvc Exploitation Less Likely	CWE-416: Use After Free	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat Hwiwon Lee (hwiwonl), SEC-agent team
CVE-2025-55684	Windows PrintWorkflowUserSvc Exploitation Less Likely	CWE-416: Use After Free	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat Hwiwon Lee (hwiwonl), SEC-agent team
CVE-2025-55331	Windows PrintWorkflowUserSvc Exploitation Unlikely	CWE-416: Use After Free	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Taewoo (Tae_ω02)
CVE-2025-55335	Windows NTFS Exploitation Less Likely	CWE-416: Use After Free CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows NTFS Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Bruno Botelho
CVE-2025-55693	Windows Kernel Exploitation More Likely	CWE-416: Use After Free	Windows Kernel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-53150	Windows Digital Media Exploitation Less Likely	CWE-416: Use After Free CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37) with Ajou University, and working at ENKI WhiteHat Dongjun Kim (smlijun) with Ajou University, and working at ENKI WhiteHat Seongheun Hong (seongheunh) with Ajou University
CVE-2025-50175	Windows Digital Media Exploitation Unlikely	CWE-416: Use After Free	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By vipinkumar
CVE-2025-50174	Windows Device Association Broker Service Exploitation Less Likely	CWE-416: Use After Free	Windows Device Association Broker Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37) with Ajou University, and working at ENKI WhiteHat Dongjun Kim (smlijun) with Ajou University, and working at ENKI WhiteHat Anonymous
CVE-2025-55326	Windows Connected Devices Platform Service (Cdpsvc) Exploitation Less Likely	CWE-416: Use After Free	Windows Connected Devices Platform Service (Cdpsvc) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-58719	Windows Connected Devices Platform Service Exploitation Unlikely	CWE-416: Use After Free	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhang WangJunJie, He YiSheng with Hillstone Networks Security Research Institute
CVE-2025-59290	Windows Bluetooth Service Exploitation Less Likely	CWE-416: Use After Free	Windows Bluetooth Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-58728	Windows Bluetooth Service Exploitation Less Likely	CWE-416: Use After Free	Windows Bluetooth Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-58737	Remote Desktop Protocol Exploitation Unlikely	CWE-416: Use After Free	Remote Desktop Protocol Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-58718	Remote Desktop Client Exploitation Less Likely	CWE-416: Use After Free	Remote Desktop Client Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By YingQi Shi (@Mas0n) with DBAPPSecurity WeBin Lab
CVE-2025-49708	Microsoft Graphics Component Exploitation Less Likely	CWE-416: Use After Free	Microsoft Graphics Component Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By cyanbamboo and b2ahex
CVE-2025-59189	Microsoft Brokering File System Exploitation Unlikely	CWE-416: Use After Free	Microsoft Brokering File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By hazard
CVE-2025-48004	Microsoft Brokering File System Exploitation More Likely	CWE-416: Use After Free	Microsoft Brokering File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By hazard Bryan Gonzalez, Ocelot Team @ Metabase Q
CVE-2025-58738	Inbox COM Objects (Global Memory) Exploitation Unlikely	CWE-416: Use After Free	Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-58736	Inbox COM Objects (Global Memory) Exploitation Unlikely	CWE-416: Use After Free	Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-58735	Inbox COM Objects (Global Memory) Exploitation Unlikely	CWE-416: Use After Free	Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-58734	Inbox COM Objects (Global Memory) Exploitation Unlikely	CWE-416: Use After Free	Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-58733	Inbox COM Objects (Global Memory) Exploitation Unlikely	CWE-416: Use After Free	Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-58732	Inbox COM Objects (Global Memory) Exploitation Unlikely	CWE-416: Use After Free	Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-58731	Inbox COM Objects (Global Memory) Exploitation Unlikely	CWE-416: Use After Free	Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-58730	Inbox COM Objects (Global Memory) Exploitation Unlikely	CWE-416: Use After Free	Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-55678	DirectX Graphics Kernel Exploitation Less Likely	CWE-416: Use After Free	DirectX Graphics Kernel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-59289	Windows Bluetooth Service Exploitation Less Likely	CWE-415: Double Free	Windows Bluetooth Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat Hwiwon Lee (hwiwonl), SEC-agent team
CVE-2025-59502	Remote Procedure Call Exploitation More Likely	CWE-400: Uncontrolled Resource Consumption	Remote Procedure Call Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Or Yair with SafeBreach
CVE-2025-59261	Windows Graphics Component Exploitation Unlikely	CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition	Windows Graphics Component Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Maxime Villard
CVE-2025-55680	Windows Cloud Files Mini Filter Driver Exploitation More Likely	CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By TyphoonPWN Windows PE Winner with SSD Secure Disclosure
CVE-2025-55696	NtQueryInformation Token function (ntifs.h) Exploitation Unlikely	CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-822: Untrusted Pointer Dereference	NtQueryInformation Token function (ntifs.h) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Microsoft Offensive Research & Security Engineering
CVE-2025-59196	Windows Simple Search and Discovery Protocol (SSDP) Service Exploitation Unlikely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By k0shl with Kunlun Lab
CVE-2025-55687	Windows Resilient File System (ReFS) Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	-
CVE-2025-59193	Windows Management Services Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Management Services Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-55328	Windows Hyper-V Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Hyper-V Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By hazard
CVE-2025-59205	Windows Graphics Component Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Graphics Component Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By wenqunwang with China Telecom Research Institute