Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-20T07:39:30Z

Freshness

1 day(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4933

Current result set after filter and search.

Exploited Flagged

4189

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1528

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow354 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1528 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

October 2025

50 CVE | last update 1 day(s) ago

Release 2025-10-14 Patch Tuesday Count 50

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-59195	Windows Graphics Component Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Graphics Component Denial of Service Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By cyanbamboo
CVE-2025-58727	Windows Connected Devices Platform Service Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhang WangJunJie, He YiSheng with Hillstone Networks Security Research Institute
CVE-2025-59282	Internet Information Services (IIS) Inbox COM Objects (Global Memory) Exploitation Unlikely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhiniang Peng with HUST & R4nger with CyberKunLun
CVE-2025-59253	Windows Search Service Exploitation Less Likely	CWE-284: Improper Access Control	Windows Search Service Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Remco van der Meer with Warpnet
CVE-2025-58726	Windows SMB Server Exploitation Less Likely	CWE-284: Improper Access Control	Windows SMB Server Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Andrea Pierini with Semperis
CVE-2025-59230	Windows Remote Access Connection Manager Exploitation Detected	CWE-284: Improper Access Control	Windows Remote Access Connection Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C	2025-10-14	Yes	Reported By Microsoft Threat Intelligence Center (MSTIC) & Microsoft Security Response Center (MSRC)
CVE-2025-55694	Windows Error Reporting Service Exploitation More Likely	CWE-284: Improper Access Control	Windows Error Reporting Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Denis Faiustov and Ruslan Sayfiev with GMO Cybersecurity by Ierae
CVE-2025-58714	Windows Ancillary Function Driver for WinSock Exploitation Unlikely	CWE-284: Improper Access Control	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-59199	Software Protection Platform (SPP) Exploitation More Likely	CWE-284: Improper Access Control	Software Protection Platform (SPP) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Yarin Aharoni with SafeBreach
CVE-2025-25004	PowerShell Exploitation Less Likely	CWE-284: Improper Access Control	PowerShell Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Casper tsuki
CVE-2025-59201	Network Connection Status Indicator (NCSI) Exploitation Less Likely	CWE-284: Improper Access Control	Network Connection Status Indicator (NCSI) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By T0
CVE-2025-58716	Windows Speech Runtime Exploitation Unlikely	CWE-20: Improper Input Validation	Windows Speech Runtime Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-59198	Windows Search Service Exploitation Unlikely	CWE-20: Improper Input Validation	Windows Search Service Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat
CVE-2025-59190	Windows Search Service Exploitation Unlikely	CWE-20: Improper Input Validation	Windows Search Service Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat Hwiwon Lee (hwiwonl), SEC-agent team
CVE-2025-59187	Windows Kernel Exploitation Less Likely	CWE-20: Improper Input Validation CWE-822: Untrusted Pointer Dereference	Windows Kernel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-55679	Windows Kernel Exploitation Unlikely	CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Kernel Information Disclosure Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-55692	Windows Error Reporting Service Exploitation More Likely	CWE-20: Improper Input Validation	Windows Error Reporting Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Denis Faiustov with GMO Cybersecurity by Ierae Ruslan Sayfiev with GMO Cybersecurity by Ierae
CVE-2025-55676	Windows USB Video Class System Driver Exploitation More Likely	CWE-209: Generation of Error Message Containing Sensitive Information	Windows USB Video Class System Driver Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Lewis Lee, Chunyang Han, and Zhiniang Peng with HUST
CVE-2025-59294	Windows Taskbar Live Preview Exploitation Unlikely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Taskbar Live Preview Information Disclosure Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Ludwig Andrew Haigh with Aptean PeterAS17 with https://www.peteras17.me/ Anthony Juanelli
CVE-2025-59211	Windows Push Notification Exploitation Unlikely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Push Notification Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-59209	Windows Push Notification Exploitation Unlikely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Push Notification Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Aobo Wang
CVE-2025-59186	Windows Kernel Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Kernel Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Lewis Lee, Ver and Zhiniang Peng of HUST
CVE-2025-55699	Windows Kernel Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Kernel Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Maxime Villard
CVE-2025-55683	Windows Kernel Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Kernel Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Lewis Lee Chunyang Han Zhiniang Peng with HUST
CVE-2025-55336	Windows Cloud Files Mini Filter Driver Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Chen Le Qi (@cplearns2h4ck) with STAR Labs SG Pte. Ltd.
CVE-2025-59184	Storage Spaces Direct Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Storage Spaces Direct Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Lewis Lee Chunyang Han Zhiniang Peng of HUST
CVE-2025-59260	Microsoft Failover Cluster Virtual Driver Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Lewis Lee, Chunyang Han and Zhiniang Peng with HUST Chunyang Han
CVE-2025-59188	Microsoft Failover Cluster Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Microsoft Failover Cluster Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Lewis Lee, Chunyang Han and Zhiniang Peng with HUST
CVE-2025-58715	Windows Speech Runtime Exploitation Unlikely	CWE-190: Integer Overflow or Wraparound	Windows Speech Runtime Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-59259	Windows Local Session Manager (LSM) Exploitation Less Likely	CWE-1287: Improper Validation of Specified Type of Input	Windows Local Session Manager (LSM) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Hussein Alrubaye with Microsoft
CVE-2025-59257	Windows Local Session Manager (LSM) Exploitation Less Likely	CWE-1287: Improper Validation of Specified Type of Input	Windows Local Session Manager (LSM) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Hussein Alrubaye with Microsoft
CVE-2025-58729	Windows Local Session Manager (LSM) Exploitation Less Likely	CWE-1287: Improper Validation of Specified Type of Input	Windows Local Session Manager (LSM) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Philemon Orphee Favrod
CVE-2025-59278	Windows Authentication Exploitation Less Likely	CWE-1287: Improper Validation of Specified Type of Input	Windows Authentication Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By k0shl with Kunlun Lab
CVE-2025-59277	Windows Authentication Exploitation Less Likely	CWE-1287: Improper Validation of Specified Type of Input	Windows Authentication Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By k0shl with Kunlun Lab
CVE-2025-59275	Windows Authentication Exploitation Less Likely	CWE-1287: Improper Validation of Specified Type of Input CWE-125: Out-of-bounds Read CWE-122: Heap-based Buffer Overflow	Windows Authentication Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By k0shl with Kunlun Lab
CVE-2025-55701	Windows Authentication Exploitation Less Likely	CWE-1287: Improper Validation of Specified Type of Input	Windows Authentication Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By k0shl with Kunlun Lab
CVE-2025-55325	Windows Storage Management Provider Exploitation Less Likely	CWE-126: Buffer Over-read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By nerty_nerty(Ingyu Yang), Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan insu with Theori Anonymous
CVE-2025-59192	Storport.sys Driver Exploitation Less Likely	CWE-126: Buffer Over-read	Storport.sys Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By zoemurmure with Qingteng
CVE-2025-55695	Windows WLAN AutoConfig Service Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows WLAN AutoConfig Service Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By RuiLun Zou with Codesafe Team of Legendsec at Qi'anxin Group
CVE-2025-58717	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-55700	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-55339	Windows Network Driver Interface Specification (NDIS) Driver Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Network Driver Interface Specification (NDIS) Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-59208	Windows MapUrlToZone Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows MapUrlToZone Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C	2025-10-14	No	Reported By George Hughey with MSRC Vulnerabilities & Mitigations
CVE-2025-50152	Windows Kernel Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Kernel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous
CVE-2025-55681	Desktop Window Manager Exploitation More Likely	CWE-125: Out-of-bounds Read CWE-822: Untrusted Pointer Dereference	Desktop Window Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By TyphoonPWN Windows PE Winner with SSD Secure Disclosure
CVE-2025-58720	Windows Cryptographic Services Exploitation Less Likely	CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation	Windows Cryptographic Services Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Mitch Lindgren with Microsoft
CVE-2025-59295	Windows URL Parsing Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows URL Parsing Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By j00sean h4urek
CVE-2025-59255	Windows DWM Core Library Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows DWM Core Library Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By namnp with Viettel Cyber Security
CVE-2025-59191	Windows Connected Devices Platform Service Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Zhang WangJunJie, He YiSheng with Hillstone Networks Security Research Institute
CVE-2025-58725	Windows COM+ Event System Service Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows COM+ Event System Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-10-14	No	Reported By Anonymous