Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-20T07:39:30Z

Freshness

2 day(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4933

Current result set after filter and search.

Exploited Flagged

4189

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1528

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow354 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1528 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

July 2025

50 CVE | last update 2 day(s) ago

Release 2025-07-08 Patch Tuesday Count 50

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-49682	Windows Media Exploitation Less Likely	CWE-416: Use After Free	Windows Media Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Hussein Alrubaye with Microsoft
CVE-2025-49735	Windows KDC Proxy Service (KPSSVC) Exploitation More Likely	CWE-416: Use After Free	Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By ʌ!ɔ⊥ojv with Kunlun Lab
CVE-2025-47991	Windows Input Method Editor (IME) Exploitation Unlikely	CWE-416: Use After Free	Windows Input Method Editor (IME) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By R4nger with CyberKunLun & Zhiniang Peng with HUST
CVE-2025-49660	Windows Event Tracing Exploitation Less Likely	CWE-416: Use After Free	Windows Event Tracing Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Chen Le Qi (@cplearns2h4ck) with STAR Labs SG Pte. Ltd.
CVE-2025-49724	Windows Connected Devices Platform Service Exploitation More Likely	CWE-416: Use After Free	Windows Connected Devices Platform Service Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Lewis Lee Chunyang Han Zhiniang Peng with HUST
CVE-2025-48000	Windows Connected Devices Platform Service Exploitation Less Likely	CWE-416: Use After Free CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Zhang WangJunJie, He YiSheng with Hillstone Networks
CVE-2025-49733	Win32k Exploitation Less Likely	CWE-416: Use After Free	Win32k Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Devin Jensen with Microsoft Benjamin Rodes with Microsoft George Hughey with Microsoft Mathias Vorreiter Pedersen with Microsoft
CVE-2025-47986	Universal Print Management Service Exploitation Unlikely	CWE-416: Use After Free	Universal Print Management Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By R4nger with CyberKunLun & Zhiniang Peng with HUST
CVE-2025-48806	Microsoft MPEG-2 Video Extension Exploitation Less Likely	CWE-416: Use After Free	Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49677	Microsoft Brokering File System Exploitation Less Likely	CWE-416: Use After Free	Microsoft Brokering File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By ChenJian with Sea Security Orca Team
CVE-2025-49675	Kernel Streaming WOW Thunk Service Driver Exploitation Less Likely	CWE-416: Use After Free	Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-49667	Windows Win32 Kernel Subsystem Exploitation Less Likely	CWE-415: Double Free	Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Hussein Alrubaye with Microsoft
CVE-2025-47975	Windows Simple Search and Discovery Protocol (SSDP) Service Exploitation Less Likely	CWE-415: Double Free	Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By k0shl with Kunlun Lab
CVE-2025-49688	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-415: Double Free	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49693	Microsoft Brokering File System Exploitation Less Likely	CWE-415: Double Free	Microsoft Brokering File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By ChenJian with Sea Security Orca Team
CVE-2025-49722	Windows Print Spooler Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Print Spooler Denial of Service Vulnerability CVSS vector: AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Or Yair with SafeBreach Shahak Morag with SafeBreach
CVE-2025-49716	Windows Netlogon Exploitation Unlikely	CWE-400: Uncontrolled Resource Consumption	Windows Netlogon Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Or Yair Or Yair with SafeBreach Shahak Morag Shahak Morag with SafeBreach
CVE-2025-49730	Microsoft Windows QoS Scheduler Driver Exploitation Less Likely	CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-122: Heap-based Buffer Overflow	Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Fraunhofer FKIE CA&D
CVE-2025-49665	Workspace Broker Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Workspace Broker Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By R4nger with CyberKunLun & Zhiniang Peng with HUST
CVE-2025-47972	Windows Input Method Editor (IME) Exploitation Unlikely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Input Method Editor (IME) Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Pwnforr777
CVE-2025-49737	Microsoft Teams Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Microsoft Teams Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Omer Dahan
CVE-2025-49690	Capability Access Management Service (camsvc) Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-415: Double Free	Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By R4nger with CyberKunLun & Zhiniang Peng with HUST Pwnforr777
CVE-2025-48803	Windows Virtualization-Based Security (VBS) Exploitation Less Likely	CWE-353: Missing Support for Integrity Check	Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	-
CVE-2025-48823	Windows Cryptographic Services Exploitation Less Likely	CWE-310: CWE CATEGORY: Cryptographic Issues	Windows Cryptographic Services Information Disclosure Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-47993	Microsoft PC Manager Exploitation Less Likely	CWE-284: Improper Access Control	Microsoft PC Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Filip Dragovic (@filip_dragovic) working with Trend Zero Day Initiative
CVE-2025-49731	Microsoft Teams Exploitation Less Likely	CWE-280: Improper Handling of Insufficient Permissions or Privileges	Microsoft Teams Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Muhammad Alqi Fahrezi
CVE-2025-48817	Remote Desktop Client Exploitation Less Likely	CWE-23: Relative Path Traversal CWE-284: Improper Access Control	Remote Desktop Client Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	-
CVE-2025-47982	Windows Storage VSP Driver Exploitation Less Likely	CWE-20: Improper Input Validation CWE-822: Untrusted Pointer Dereference	Windows Storage VSP Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By OUYANG FEI
CVE-2025-49664	Windows User-Mode Driver Framework Host Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows User-Mode Driver Framework Host Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Dongjun Kim (smlijun) with Ajou University, and working at ENKI WhiteHat Jongseong Kim (nevul37) with Ajou University, and working at ENKI WhiteHat
CVE-2025-49671	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-125: Out-of-bounds Read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-48808	Windows Kernel Exploitation Unlikely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Kernel Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Arjun Vasudeva with MSRC V&M
CVE-2025-47980	Windows Imaging Component Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Imaging Component Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Mark Riehm
CVE-2025-49679	Windows Shell Exploitation Less Likely	CWE-197: Numeric Truncation Error	Windows Shell Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By YanZiShuang@BigCJTeam of cyberkl
CVE-2025-47996	Windows MBT Transport Driver Exploitation Unlikely	CWE-191: Integer Underflow (Wrap or Wraparound) CWE-125: Out-of-bounds Read	Windows MBT Transport Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-48002	Windows Hyper-V Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound CWE-125: Out-of-bounds Read	Windows Hyper-V Information Disclosure Vulnerability CVSS vector: AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49742	Windows Graphics Component Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound CWE-122: Heap-based Buffer Overflow	Windows Graphics Component Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Marcin Wiazowski working with Trend Zero Day Initiative
CVE-2025-49689	Microsoft Virtual Hard Disk Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound CWE-125: Out-of-bounds Read CWE-822: Untrusted Pointer Dereference	Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Sergey Tarasov with Positive Technologies
CVE-2025-49683	Microsoft Virtual Hard Disk Exploitation Unlikely	CWE-190: Integer Overflow or Wraparound CWE-122: Heap-based Buffer Overflow	Microsoft Virtual Hard Disk Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Cherie-Anne Lee (@KaligulaSec) with STAR Labs SG Pte. Ltd.
CVE-2025-48816	HID Class Driver Exploitation Unlikely	CWE-190: Integer Overflow or Wraparound CWE-125: Out-of-bounds Read	HID Class Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49659	Windows Transport Driver Interface (TDI) Translation Driver Exploitation Less Likely	CWE-126: Buffer Over-read	Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-49684	Windows Storage Port Driver Exploitation Less Likely	CWE-126: Buffer Over-read	Windows Storage Port Driver Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By zoemurmure with Qingteng
CVE-2025-47973	Microsoft Virtual Hard Disk Exploitation Unlikely	CWE-126: Buffer Over-read	Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Seungjin Oh (@seungjin01) with 78ResearchLab Donghyeon Oh JONGHOI KIM
CVE-2025-47971	Microsoft Virtual Hard Disk Exploitation Less Likely	CWE-126: Buffer Over-read	Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Donghyeon Oh JONGHOI KIM
CVE-2025-49658	Windows Transport Driver Interface (TDI) Translation Driver Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-49681	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49687	Windows Input Method Editor (IME) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Input Method Editor (IME) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By R4nger with CyberKunLun & Zhiniang Peng with HUST
CVE-2025-48822	Windows Hyper-V Discrete Device Assignment (DDA) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Axel Andrejs
CVE-2025-49666	Windows Server Setup and Boot Event Collection Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49753	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49729	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous