Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-20T07:39:30Z

Freshness

2 day(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4933

Current result set after filter and search.

Exploited Flagged

4189

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1528

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow354 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1528 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

July 2025

22 CVE | last update 2 day(s) ago

Release 2025-07-08 Patch Tuesday Count 22

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-49676	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49674	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49673	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49672	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49670	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49669	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49668	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49663	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49657	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-48824	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-47998	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-49691	Windows Miracast Wireless Display Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Miracast Wireless Display Remote Code Execution Vulnerability CVSS vector: AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Marin Duroyon
CVE-2025-49744	Windows Graphics Component Exploitation More Likely	CWE-122: Heap-based Buffer Overflow CWE-191: Integer Underflow (Wrap or Wraparound) CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Graphics Component Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	-
CVE-2025-49732	Windows Graphics Component Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Graphics Component Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Marcin Wiazowski working with Trend Zero Day Initiative
CVE-2025-49721	Windows Fast FAT File System Driver Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Fast FAT File System Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By JeongOh Kyea with THEORI Kaligula Armblessed (@KaligulaSec) with STAR Labs SG Pte. Ltd.
CVE-2025-49727	Win32k Exploitation More Likely	CWE-122: Heap-based Buffer Overflow	Win32k Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Marcin Wiazowski with Trend Zero Day Initiative
CVE-2025-47981	SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Exploitation More Likely	CWE-122: Heap-based Buffer Overflow	SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Yuki Chen Anonymous
CVE-2025-48805	Microsoft MPEG-2 Video Extension Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous
CVE-2025-47987	Credential Security Support Provider Protocol (CredSSP) Exploitation More Likely	CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound	Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-07-08	No	Reported By Anonymous Erik Egsgard with Field Effect
CVE-2025-48810	Windows Secure Kernel Mode Exploitation Less Likely	CWE-1037: Processor Optimization Removal or Modification of Security-critical Code	Windows Secure Kernel Mode Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Windows Kernel, Virtualization & Silicon Team
CVE-2025-48809	Windows Secure Kernel Mode Exploitation Less Likely	CWE-1037: Processor Optimization Removal or Modification of Security-critical Code	Windows Secure Kernel Mode Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Windows Kernel Virtualization & Security Team
CVE-2025-26636	Windows Kernel Exploitation Less Likely	CWE-1037: Processor Optimization Removal or Modification of Security-critical Code	Windows Kernel Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-07-08	No	Reported By Windows Kernel, Virtualization & Security Team

Release Month

June 2025

28 CVE | last update 2 day(s) ago

Release 2025-06-10 Patch Tuesday Count 28

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-33070	Windows Netlogon Exploitation More Likely	CWE-908: Use of Uninitialized Resource	Windows Netlogon Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Anonymous
CVE-2025-33052	Windows DWM Core Library Exploitation Unlikely	CWE-908: Use of Uninitialized Resource	Windows DWM Core Library Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By Microsoft Offensive Research & Security Engineering (MORSE) with Microsoft
CVE-2025-33053	Internet Shortcut Files Exploitation Detected	CWE-73: External Control of File Name or Path	Internet Shortcut Files Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C	2025-06-10	Yes	Reported By Alexandra Gofman and David Driker (Check Point Research)
CVE-2025-33050	DHCP Server Service Exploitation Less Likely	CWE-693: Protection Mechanism Failure	DHCP Server Service Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Anonymous
CVE-2025-32725	DHCP Server Service Exploitation Less Likely	CWE-693: Protection Mechanism Failure	DHCP Server Service Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By bee13oy with Cyber Kunlun Lab
CVE-2025-32721	Windows Recovery Driver Exploitation Unlikely	CWE-59: Improper Link Resolution Before File Access ('Link Following')	Windows Recovery Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By BochengXiang(@Crispr) with FDU
CVE-2025-33075	Windows Installer Exploitation Less Likely	CWE-59: Improper Link Resolution Before File Access ('Link Following')	Windows Installer Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Simon Zuckerbraun of Trend Zero Day Initiative
CVE-2025-33057	Windows Local Security Authority (LSA) Exploitation Less Likely	CWE-476: NULL Pointer Dereference	Windows Local Security Authority (LSA) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Anonymous
CVE-2025-32710	Windows Remote Desktop Services Exploitation Less Likely	CWE-416: Use After Free CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Remote Desktop Services Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By ʌ!ɔ⊥ojv with Kunlun Lab SmallerDragon
CVE-2025-33071	Windows KDC Proxy Service (KPSSVC) Exploitation More Likely	CWE-416: Use After Free	Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By k0shl with Kunlun Lab ʌ!ɔ⊥ojv with Kunlun Lab
CVE-2025-32712	Win32k Exploitation Less Likely	CWE-416: Use After Free	Win32k Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Anonymous
CVE-2025-29828	Windows Schannel Exploitation Less Likely	CWE-401: Missing Release of Memory after Effective Lifetime	Windows Schannel Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Anonymous
CVE-2025-33068	Windows Standards-Based Storage Management Service Exploitation Unlikely	CWE-400: Uncontrolled Resource Consumption	Windows Standards-Based Storage Management Service Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By k0shl with Kunlun Lab Zhiniang Peng with HUST
CVE-2025-32724	Windows Local Security Authority Subsystem Service (LSASS) Exploitation Unlikely	CWE-400: Uncontrolled Resource Consumption	Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Or Yair with SafeBreach Shahak Morag with SafeBreach
CVE-2025-32722	Windows Storage Port Driver Exploitation Less Likely	CWE-284: Improper Access Control	Windows Storage Port Driver Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-33073	Windows SMB Client Exploitation Less Likely	CWE-284: Improper Access Control	Windows SMB Client Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C	2025-06-10	No	Reported By James Forshaw of Google Project Zero RedTeam Pentesting GmbH Stefan Walter and Daniel Isern with SySS GmbH Ahamada M'Bamba (h1roki) Cameron Stish with GuidePoint Security Wilfried Bécard with Synacktiv Keisuke Hirata with CrowdStrike
CVE-2025-47962	Windows SDK Exploitation More Likely	CWE-284: Improper Access Control	Windows SDK Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By whoisthatguy Naor Hodorov Kolja Grassmann with Neodyme AG Ken Kitahara with LAC Co., Ltd. Robbie Corley Julian Härig
CVE-2025-33056	Windows Local Security Authority (LSA) Exploitation Less Likely	CWE-284: Improper Access Control	Windows Local Security Authority (LSA) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Erik Egsgard with Field Effect
CVE-2025-32714	Windows Installer Exploitation More Likely	CWE-284: Improper Access Control	Windows Installer Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Simon Zuckerbraun of Trend Zero Day Initiative
CVE-2025-33067	Windows Task Scheduler Exploitation Less Likely	CWE-269: Improper Privilege Management	Windows Task Scheduler Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Alexander Pudwill
CVE-2025-47955	Windows Remote Access Connection Manager Exploitation Less Likely	CWE-269: Improper Privilege Management	Windows Remote Access Connection Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Sergey Bliznyuk with Positive Technologies
CVE-2025-47969	Windows Virtualization-Based Security (VBS) Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By Ceri Coburn with NetSPI
CVE-2025-32718	Windows SMB Client Exploitation Unlikely	CWE-190: Integer Overflow or Wraparound CWE-122: Heap-based Buffer Overflow	Windows SMB Client Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Genghis Karimov with Microsoft High-Availability Storage Group
CVE-2025-24068	Windows Storage Management Provider Exploitation Less Likely	CWE-126: Buffer Over-read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By nerty_nerty(Ingyu Yang), Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan Dan Reynolds with MSRC Vulnerabilities & Mitigations insu with Theori
CVE-2025-33065	Windows Storage Management Provider Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By insu with Theori
CVE-2025-33063	Windows Storage Management Provider Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By Anonymous
CVE-2025-33062	Windows Storage Management Provider Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By insu with Theori
CVE-2025-33061	Windows Storage Management Provider Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By insu with Theori