Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-22T10:50:34Z

Freshness

8 minute(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4943

Current result set after filter and search.

Exploited Flagged

4193

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1535

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow356 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1535 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

April 2025

50 CVE | last update 8 minute(s) ago

Release 2025-04-08 Patch Tuesday Count 50

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2025-27480	Windows Remote Desktop Services Exploitation More Likely	CWE-416: Use After Free	Windows Remote Desktop Services Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By ʌ!ɔ⊥ojv with Kunlun Lab
CVE-2025-26671	Windows Remote Desktop Services Exploitation Less Likely	CWE-416: Use After Free CWE-591: Sensitive Data Storage in Improperly Locked Memory	Windows Remote Desktop Services Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By ʌ!ɔ⊥ojv with Kunlun Lab
CVE-2025-26663	Windows Lightweight Directory Access Protocol (LDAP) Exploitation More Likely	CWE-416: Use After Free	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Kunlun Lab with https://www.cyberkl.com/
CVE-2025-27491	Windows Hyper-V Exploitation Less Likely	CWE-416: Use After Free	Windows Hyper-V Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Chief Banana
CVE-2025-27730	Windows Digital Media Exploitation Less Likely	CWE-416: Use After Free CWE-415: Double Free	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Jongseong Kim (nevul37) and Dongjun Kim (smlijun) with Ajou University, and working at ENKI WhiteHat
CVE-2025-27476	Windows Digital Media Exploitation Less Likely	CWE-416: Use After Free	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Jongseong Kim (nevul37) and Dongjun Kim (smlijun) with Ajou University, and working at ENKI WhiteHat
CVE-2025-26640	Windows Digital Media Exploitation Less Likely	CWE-416: Use After Free CWE-415: Double Free	Windows Digital Media Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-29824	Windows Common Log File System Driver Exploitation Detected	CWE-416: Use After Free	Windows Common Log File System Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C	2025-04-08	Yes	Reported By Microsoft Threat Intelligence Center
CVE-2025-26687	Win32k Exploitation Less Likely	CWE-416: Use After Free	Win32k Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-26681	Win32k Exploitation Less Likely	CWE-416: Use After Free	Win32k Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-26679	RPC Endpoint Mapper Service Exploitation Less Likely	CWE-416: Use After Free	RPC Endpoint Mapper Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Zhang WangJunJie, He YiSheng with Hillstone Networks
CVE-2025-26670	Lightweight Directory Access Protocol (LDAP) Client Exploitation More Likely	CWE-416: Use After Free	Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-27486	Windows Standards-Based Storage Management Service Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Standards-Based Storage Management Service Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-27485	Windows Standards-Based Storage Management Service Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Standards-Based Storage Management Service Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-27470	Windows Standards-Based Storage Management Service Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Standards-Based Storage Management Service Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By k0shl with Kunlun Lab
CVE-2025-26680	Windows Standards-Based Storage Management Service Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Standards-Based Storage Management Service Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-26652	Windows Standards-Based Storage Management Service Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Standards-Based Storage Management Service Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By k0shl with Kunlun Lab
CVE-2025-21174	Windows Standards-Based Storage Management Service Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Standards-Based Storage Management Service Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Microsoft SMIS Team Zhiniang Peng with HUST and wh1tc with kunlun lab
CVE-2025-27469	Windows Lightweight Directory Access Protocol (LDAP) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-26673	Windows Lightweight Directory Access Protocol (LDAP) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Azure Yang with Kunlun Lab Or Yair and Shahak Morag with SafeBreach
CVE-2025-26641	Microsoft Message Queuing (MSMQ) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Azure Yang with Kunlun Lab
CVE-2025-27473	HTTP.sys Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	HTTP.sys Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By k0shl with Kunlun Lab
CVE-2025-21191	Windows Local Security Authority (LSA) Exploitation Less Likely	CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition	Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Microsoft Offensive Research & Security Engineering with Microsoft
CVE-2025-27492	Windows Secure Channel Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Secure Channel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-26649	Windows Secure Channel Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Secure Channel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-27738	Windows Resilient File System (ReFS) Exploitation Less Likely	CWE-284: Improper Access Control	Windows Resilient File System (ReFS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-04-08	No	Reported By Sébastien Huneault with Cégep de l'Outaouais
CVE-2025-21197	Windows NTFS Exploitation Less Likely	CWE-284: Improper Access Control	Windows NTFS Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-04-08	No	Reported By Sébastien Huneault with CyberQuébec
CVE-2025-29810	Active Directory Domain Services Exploitation Less Likely	CWE-284: Improper Access Control	Active Directory Domain Services Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Matthieu Buffet
CVE-2025-29811	Windows Mobile Broadband Driver Exploitation Less Likely	CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-24058	Windows DWM Core Library Exploitation Less Likely	CWE-20: Improper Input Validation	Windows DWM Core Library Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By YanZiShuang@BigCJTeam of cyberkl
CVE-2025-29821	Microsoft Dynamics Business Central Exploitation Less Likely	CWE-20: Improper Input Validation	Microsoft Dynamics Business Central Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-04-08	No	Reported By Nicklas Broberg Larsson with Navigot AB
CVE-2025-24074	Microsoft DWM Core Library Exploitation Less Likely	CWE-20: Improper Input Validation	Microsoft DWM Core Library Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By YanZiShuang@BigCJTeam of cyberkl
CVE-2025-24073	Microsoft DWM Core Library Exploitation Less Likely	CWE-20: Improper Input Validation	Microsoft DWM Core Library Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By YanZiShuang@BigCJTeam of cyberkl Microsoft Offensive Research & Security Engineering (MORSE) with Microsoft
CVE-2025-24062	Microsoft DWM Core Library Exploitation Less Likely	CWE-20: Improper Input Validation	Microsoft DWM Core Library Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By YanZiShuang@BigCJTeam of cyberkl
CVE-2025-24060	Microsoft DWM Core Library Exploitation Less Likely	CWE-20: Improper Input Validation	Microsoft DWM Core Library Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By YanZiShuang@BigCJTeam of cyberkl
CVE-2025-26667	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-27736	Windows Power Dependency Coordinator Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Power Dependency Coordinator Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-04-08	No	Reported By Microsoft Offensive Research & Security Engineering
CVE-2025-26639	Windows USB Print Driver Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound CWE-122: Heap-based Buffer Overflow	Windows USB Print Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-27740	Active Directory Certificate Services Exploitation Less Likely	CWE-1390: Weak Authentication	Active Directory Certificate Services Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Konstantin Ruhmann with Volkswagen Financial Services AG
CVE-2025-26676	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-126: Buffer Over-read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-26672	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-126: Buffer Over-read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group
CVE-2025-26664	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-126: Buffer Over-read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-21203	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-126: Buffer Over-read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-26675	Windows Subsystem for Linux Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Subsystem for Linux Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2025-26669	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group
CVE-2025-27728	Windows Kernel-Mode Driver Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Kernel-Mode Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Anonymous
CVE-2025-27742	NTFS Exploitation Less Likely	CWE-125: Out-of-bounds Read	NTFS Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2025-04-08	No	Reported By George Hughey with MSRC Vulnerabilities & Mitigations
CVE-2025-27741	NTFS Exploitation Less Likely	CWE-125: Out-of-bounds Read	NTFS Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Will Dormann with Vul Labs
CVE-2025-27733	NTFS Exploitation Less Likely	CWE-125: Out-of-bounds Read	NTFS Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Will Dormann with Vul Labs
CVE-2025-27483	NTFS Exploitation Less Likely	CWE-125: Out-of-bounds Read	NTFS Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2025-04-08	No	Reported By Will Dormann with Vul Labs