Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-20T07:39:30Z

Freshness

2 day(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4933

Current result set after filter and search.

Exploited Flagged

4189

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1528

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow354 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1528 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

June 2025

14 CVE | last update 2 day(s) ago

Release 2025-06-10 Patch Tuesday Count 13

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-33060	Windows Storage Management Provider Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By insu with Theori
CVE-2025-33059	Windows Storage Management Provider Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By insu with Theori
CVE-2025-33058	Windows Storage Management Provider Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By insu with Theori
CVE-2025-33055	Windows Storage Management Provider Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Ingyu Yang, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan
CVE-2025-32720	Windows Storage Management Provider Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By insu with Theori
CVE-2025-32719	Windows Storage Management Provider Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By insu with Theori
CVE-2025-24069	Windows Storage Management Provider Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By insu with Theori nerty_nerty(Ingyu Yang), Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Ingyu Yang, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan
CVE-2025-24065	Windows Storage Management Provider Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Storage Management Provider Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By nerty_nerty(Ingyu Yang), Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan Dan Reynolds with MSRC Vulnerabilities & Mitigations insu with Theori
CVE-2025-32716	Windows Media Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Media Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Anonymous
CVE-2025-32715	Remote Desktop Protocol Client Exploitation Less Likely	CWE-125: Out-of-bounds Read	Remote Desktop Protocol Client Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-06-10	No	Reported By Fraunhofer FKIE CA&D
CVE-2025-33066	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group
CVE-2025-33064	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group
CVE-2025-32713	Windows Common Log File System Driver Exploitation More Likely	CWE-122: Heap-based Buffer Overflow	Windows Common Log File System Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-10	No	Reported By Seunghoe Kim with S2W Inc.

Release 2025-06-05 Other / OOB Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-47966	Power Automate N/A	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Power Automate Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-06-05	No	Reported By Felix B.

Release Month

May 2025

36 CVE | last update 2 day(s) ago

Release 2025-05-27 Monthly Preview Count 3

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2023-37732	Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a No latest release note	CWE-476: NULL Pointer Dereference	Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file. CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H	2025-05-27	-	-
CVE-2025-2953	PyTorch torch.mkldnn_max_pool2d No latest release note	CWE-404: Improper Resource Shutdown or Release	PyTorch torch.mkldnn_max_pool2d denial of service CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L	2025-05-27	-	-
CVE-2023-51258	A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a No latest release note	CWE-401: Missing Release of Memory after Effective Lifetime	A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the new_Token function in the modules/preprocs/nasm/nasm-pp:1512. CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	2025-05-27	-	-

Release 2025-05-15 Other / OOB Count 3

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2022-25858	Regular Expression No latest release note	CWE-1333: Inefficient Regular Expression Complexity	Regular Expression Denial of Service (ReDoS) CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L	2025-05-15	-	-
CVE-2024-39133	Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a No latest release note	CWE-122: Heap-based Buffer Overflow	Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c. CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L	2025-05-15	-	-
CVE-2024-39134	A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a No latest release note	CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')	A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c. CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	2025-05-15	-	-

Release 2025-05-13 Patch Tuesday Count 30

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-29829	Windows Trusted Runtime Interface Driver Exploitation Less Likely	CWE-908: Use of Uninitialized Resource	Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-05-13	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-29959	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-908: Use of Uninitialized Resource	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-05-13	No	Reported By Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group
CVE-2025-29958	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-908: Use of Uninitialized Resource	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-05-13	No	Reported By Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group
CVE-2025-29830	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-908: Use of Uninitialized Resource	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-05-13	No	Reported By Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group
CVE-2025-27488	Microsoft Windows Hardware Lab Kit (HLK) Exploitation Less Likely	CWE-798: Use of Hard-coded Credentials	Microsoft Windows Hardware Lab Kit (HLK) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Microsoft
CVE-2025-29837	Windows Installer Exploitation Unlikely	CWE-59: Improper Link Resolution Before File Access ('Link Following')	Windows Installer Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-05-13	No	Reported By Simon Zuckerbraun of Trend Zero Day Initiative
CVE-2025-29975	Microsoft PC Manager Exploitation Less Likely	CWE-59: Improper Link Resolution Before File Access ('Link Following')	Microsoft PC Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Simon (@sim0nsecurity) Anonymous working with Trend Zero Day Initiative
CVE-2025-30394	Windows Remote Desktop Gateway (RD Gateway) Exploitation Unlikely	CWE-591: Sensitive Data Storage in Improperly Locked Memory	Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Anonymous bee13oy with Cyber Kunlun Lab ʌ!ɔ⊥ojv with Kunlun Lab SmallerDragon Anonymous working with Trend Zero Day Initiative
CVE-2025-29838	Windows ExecutionContext Driver Exploitation Unlikely	CWE-476: NULL Pointer Dereference	Windows ExecutionContext Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Jongseong Kim (nevul37) with Ajou University, and working at ENKI WhiteHat Dongjun Kim (smlijun) with Ajou University, and working at ENKI WhiteHat
CVE-2025-29831	Windows Remote Desktop Services Exploitation Unlikely	CWE-416: Use After Free	Windows Remote Desktop Services Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By ʌ!ɔ⊥ojv with Kunlun Lab
CVE-2025-32701	Windows Common Log File System Driver Exploitation Detected	CWE-416: Use After Free	Windows Common Log File System Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C	2025-05-13	Yes	Reported By Microsoft Threat Intelligence Center
CVE-2025-30385	Windows Common Log File System Driver Exploitation More Likely	CWE-416: Use After Free	Windows Common Log File System Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By George Hughey with MSRC Vulnerabilities & Mitigations Dan Reynolds with MSRC Vulnerabilities & Mitigations
CVE-2025-32709	Windows Ancillary Function Driver for WinSock Exploitation Detected	CWE-416: Use After Free	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	Yes	Reported By Anonymous
CVE-2025-30400	Microsoft DWM Core Library Exploitation Detected	CWE-416: Use After Free	Microsoft DWM Core Library Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C	2025-05-13	Yes	Reported By Microsoft Threat Intelligence Center
CVE-2025-29970	Microsoft Brokering File System Exploitation Less Likely	CWE-416: Use After Free	Microsoft Brokering File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By hazard Maxime Villard, of M.O.R.S.E.
CVE-2025-26677	Windows Remote Desktop Gateway (RD Gateway) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By ʌ!ɔ⊥ojv with Kunlun Lab k0shl with Kunlun Lab
CVE-2025-29954	Windows Lightweight Directory Access Protocol (LDAP) Exploitation Unlikely	CWE-400: Uncontrolled Resource Consumption	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Erik Egsgard with Field Effect Dan Reynolds
CVE-2025-29957	Windows Deployment Services Exploitation Unlikely	CWE-400: Uncontrolled Resource Consumption	Windows Deployment Services Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By R4nger & Zhiniang Peng
CVE-2025-29833	Microsoft Virtual Machine Bus (VMBus) Exploitation Less Likely	CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition	Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Chief Banana
CVE-2025-29969	MS-EVEN RPC Exploitation Less Likely	CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition	MS-EVEN RPC Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Yarin Aharoni with SafeBreach
CVE-2025-29841	Universal Print Management Service Exploitation More Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Universal Print Management Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Byunghyun Kang with Sejong University
CVE-2025-27468	Windows Kernel-Mode Driver Exploitation Less Likely	CWE-269: Improper Privilege Management	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Naceri with MSRC Vulnerabilities & Mitigations
CVE-2025-30387	Document Intelligence Studio On-Prem Exploitation Unlikely	CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	Document Intelligence Studio On-Prem Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Yanir Tsarimi
CVE-2025-29955	Windows Hyper-V Exploitation Unlikely	CWE-20: Improper Input Validation	Windows Hyper-V Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By MORSE with Microsoft
CVE-2025-32706	Windows Common Log File System Driver Exploitation Detected	CWE-20: Improper Input Validation	Windows Common Log File System Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C	2025-05-13	Yes	Reported By CrowdStrike Advanced Research Team Benoit Sevens of Google Threat Intelligence Group
CVE-2025-29968	Active Directory Certificate Services (AD CS) Exploitation Unlikely	CWE-20: Improper Input Validation	Active Directory Certificate Services (AD CS) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-05-13	No	Reported By Anonymous
CVE-2025-29974	Windows Kernel Exploitation Unlikely	CWE-191: Integer Underflow (Wrap or Wraparound) CWE-125: Out-of-bounds Read	Windows Kernel Information Disclosure Vulnerability CVSS vector: AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-05-13	No	Reported By Anonymous
CVE-2025-29956	Windows SMB Exploitation Unlikely	CWE-126: Buffer Over-read	Windows SMB Information Disclosure Vulnerability CVSS vector: AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C	2025-05-13	No	Reported By Genghis Karimov with Microsoft High Availability Storage Group
CVE-2025-29961	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-05-13	No	Reported By Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group
CVE-2025-29960	Windows Routing and Remote Access Service (RRAS) Exploitation Unlikely	CWE-125: Out-of-bounds Read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-05-13	No	Reported By Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group