Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-20T07:39:30Z

Freshness

1 day(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4933

Current result set after filter and search.

Exploited Flagged

4189

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1528

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow354 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1528 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

April 2026

50 CVE | last update 1 day(s) ago

Release 2026-04-14 Patch Tuesday Count 50

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2026-27917	Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Exploitation Less Likely	CWE-416: Use After Free	Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2026-32165	Windows User Interface Core Exploitation Less Likely	CWE-416: Use After Free CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows User Interface Core Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32156	Windows UPnP Device Host Exploitation Less Likely	CWE-416: Use After Free	Windows UPnP Device Host Remote Code Execution Vulnerability CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32075	Windows UPnP Device Host Exploitation More Likely	CWE-416: Use After Free	Windows UPnP Device Host Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-27925	Windows UPnP Device Host Exploitation Less Likely	CWE-416: Use After Free	Windows UPnP Device Host Information Disclosure Vulnerability CVSS vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-27916	Windows UPnP Device Host Exploitation Less Likely	CWE-416: Use After Free	Windows UPnP Device Host Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-27915	Windows UPnP Device Host Exploitation Less Likely	CWE-416: Use After Free	Windows UPnP Device Host Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-27908	Windows TDI Translation Driver (tdx.sys) Exploitation More Likely	CWE-416: Use After Free	Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2026-32153	Windows Speech Runtime Exploitation Less Likely	CWE-416: Use After Free CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Speech Runtime Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32089	Windows Speech Brokered Api Exploitation Less Likely	CWE-416: Use After Free CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Speech Brokered Api Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-26165	Windows Shell Exploitation Less Likely	CWE-416: Use After Free	Windows Shell Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32224	Windows Server Update Service (WSUS) Exploitation Unlikely	CWE-416: Use After Free	Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-27909	Windows Search Service Exploitation More Likely	CWE-416: Use After Free	Windows Search Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team
CVE-2026-32078	Windows Projected File System Exploitation Less Likely	CWE-416: Use After Free	Windows Projected File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By ChenJian with Sea Security Orca Team
CVE-2026-33101	Windows Print Spooler Exploitation Unlikely	CWE-416: Use After Free	Windows Print Spooler Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Nafiez with NLab Security
CVE-2026-33098	Windows Container Isolation FS Filter Driver Exploitation Unlikely	CWE-416: Use After Free	Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32070	Windows Common Log File System Driver Exploitation More Likely	CWE-416: Use After Free	Windows Common Log File System Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Joe Desimone with Elastic Security Daniel Dutra with Templo Henrique with Templo
CVE-2026-33100	Windows Ancillary Function Driver for WinSock Exploitation Less Likely	CWE-416: Use After Free	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous working with TrendAI Zero Day Initiative
CVE-2026-33099	Windows Ancillary Function Driver for WinSock Exploitation Less Likely	CWE-416: Use After Free	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous working with TrendAI Zero Day Initiative
CVE-2026-32073	Windows Ancillary Function Driver for WinSock Exploitation Less Likely	CWE-416: Use After Free	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous working with TrendAI Zero Day Initiative
CVE-2026-27922	Windows Ancillary Function Driver for WinSock Exploitation Less Likely	CWE-416: Use After Free	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2026-26182	Windows Ancillary Function Driver for WinSock Exploitation Less Likely	CWE-416: Use After Free	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2026-26177	Windows Ancillary Function Driver for WinSock Exploitation Less Likely	CWE-416: Use After Free	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE her0m4nt
CVE-2026-32157	Remote Desktop Client Exploitation Less Likely	CWE-416: Use After Free	Remote Desktop Client Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By pwn2addr
CVE-2026-26181	Microsoft Brokering File System Exploitation Less Likely	CWE-416: Use After Free CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Microsoft Brokering File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By hazard
CVE-2026-32155	Desktop Window Manager Exploitation Less Likely	CWE-416: Use After Free	Desktop Window Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Joe Desimone with Elastic Security
CVE-2026-32154	Desktop Window Manager Exploitation More Likely	CWE-416: Use After Free	Desktop Window Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Joe Desimone with Elastic Security
CVE-2026-32152	Desktop Window Manager Exploitation More Likely	CWE-416: Use After Free	Desktop Window Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Joe Desimone with Elastic Security
CVE-2026-27924	Desktop Window Manager Exploitation Less Likely	CWE-416: Use After Free	Desktop Window Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Varun Goel
CVE-2026-27923	Desktop Window Manager Exploitation Less Likely	CWE-416: Use After Free	Desktop Window Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Varun Goel
CVE-2026-26166	Windows Shell Exploitation Less Likely	CWE-415: Double Free	Windows Shell Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32074	Windows Projected File System Exploitation Less Likely	CWE-415: Double Free	Windows Projected File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By ChenJian with Sea Security Orca Team
CVE-2026-32069	Windows Projected File System Exploitation Less Likely	CWE-415: Double Free	Windows Projected File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By ChenJian with Sea Security Orca Team
CVE-2026-26179	Windows Kernel Exploitation Less Likely	CWE-415: Double Free	Windows Kernel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By fastfail working with TrendAI Zero Day Initiative
CVE-2026-26163	Windows Kernel Exploitation Less Likely	CWE-415: Double Free	Windows Kernel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Samer Karim with Microsoft Inc.
CVE-2026-32219	Microsoft Brokering File System Exploitation Unlikely	CWE-415: Double Free CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Microsoft Brokering File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By hazard
CVE-2026-27929	Windows LUA File Virtualization Filter Driver Exploitation Less Likely	CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition	Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Souhail Hammou
CVE-2026-32164	Windows User Interface Core Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows User Interface Core Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32163	Windows User Interface Core Exploitation Unlikely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows User Interface Core Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-27911	Windows User Interface Core Exploitation Unlikely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows User Interface Core Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-27921	Windows TDI Translation Driver (tdx.sys) Exploitation More Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2026-33827	Windows TCP/IP Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows TCP/IP Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By WARP & MORSE team at Microsoft
CVE-2026-32090	Windows Speech Brokered Api Exploitation Unlikely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Speech Brokered Api Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32083	Windows Simple Search and Discovery Protocol (SSDP) Service Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32082	Windows Simple Search and Discovery Protocol (SSDP) Service Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32068	Windows Simple Search and Discovery Protocol (SSDP) Service Exploitation Unlikely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-27918	Windows Shell Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Shell Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By [h4urek](https://x.com/h4urek) with [secsys lab](https://security.fudan.edu.cn/)
CVE-2026-26174	Windows Server Update Service (WSUS) Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32160	Windows Push Notifications Exploitation Unlikely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Push Notifications Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Yun Cong with Microsoft
CVE-2026-32159	Windows Push Notifications Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Push Notifications Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Yun Cong with Microsoft