Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-20T07:39:30Z

Freshness

1 day(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4933

Current result set after filter and search.

Exploited Flagged

4189

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1528

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow354 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1528 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

April 2026

50 CVE | last update 1 day(s) ago

Release 2026-04-14 Patch Tuesday Count 46

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2026-32158	Windows Push Notifications Exploitation Unlikely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Push Notifications Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Yun Cong with Microsoft
CVE-2026-26172	Windows Push Notifications Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Push Notifications Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-26167	Windows Push Notifications Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Push Notifications Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By h4urek with secsys lab
CVE-2026-27927	Windows Projected File System Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Projected File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By ChenJian with Sea Security Orca Team
CVE-2026-20930	Windows Management Services Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Management Services Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32150	Windows Function Discovery Service (fdwsd.dll) Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32093	Windows Function Discovery Service (fdwsd.dll) Exploitation More Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-122: Heap-based Buffer Overflow	Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32086	Windows Function Discovery Service (fdwsd.dll) Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-27926	Windows Cloud Files Mini Filter Driver Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Joe Desimone with Elastic Security
CVE-2026-26173	Windows Ancillary Function Driver for WinSock Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free CWE-476: NULL Pointer Dereference	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE
CVE-2026-26168	Windows Ancillary Function Driver for WinSock Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Angelboy (@scwuaptx) with DEVCORE Thanatos Tian & @2st___ of Diffract & Zhiniang Peng with HUST Frederica with Tencent Xuanwu Lab using the Atuin Automated Vulnerability Discovery System
CVE-2026-33104	Win32k Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Win32k Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Marcin Wiazowski working with TrendAI Zero Day Initiative
CVE-2026-32091	Microsoft Brokering File System Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free	Microsoft Brokering File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-25184	Applocker Filter Driver (applockerfltr.sys) Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Souhail Hammou
CVE-2026-32162	Windows COM Exploitation More Likely	CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data	Windows COM Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Faiustov Denis with GMO Cybersecurity by Ierae, Inc. Masahiro Kawada with GMO Cybersecurity by Ierae, Inc.
CVE-2026-26160	Remote Desktop Licensing Service Exploitation Less Likely	CWE-306: Missing Authentication for Critical Function	Remote Desktop Licensing Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Howard McGreehan with MSRC V&M
CVE-2026-26159	Remote Desktop Licensing Service Exploitation Less Likely	CWE-306: Missing Authentication for Critical Function	Remote Desktop Licensing Service Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Howard McGreehan with MSRC V&M
CVE-2026-32214	Universal Plug and Play (upnp.dll) Exploitation Less Likely	CWE-284: Improper Access Control	Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-26183	Remote Access Management service/API (RPC server) Exploitation Less Likely	CWE-284: Improper Access Control	Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By George Hughey with MSRC Vulnerabilities & Mitigations
CVE-2026-27914	Microsoft Management Console Exploitation More Likely	CWE-284: Improper Access Control	Microsoft Management Console Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Filip Dragović
CVE-2026-27910	Windows Installer Exploitation Less Likely	CWE-280: Improper Handling of Insufficient Permissions or Privileges	Windows Installer Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By JaGoTu with DCIT, a.s.
CVE-2026-32181	Connected User Experiences and Telemetry Service Exploitation Less Likely	CWE-269: Improper Privilege Management	Connected User Experiences and Telemetry Service Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By h4urek with secsys lab
CVE-2026-32149	Windows Hyper-V Exploitation Less Likely	CWE-20: Improper Input Validation CWE-191: Integer Underflow (Wrap or Wraparound) CWE-122: Heap-based Buffer Overflow	Windows Hyper-V Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	-
CVE-2026-33826	Windows Active Directory Exploitation More Likely	CWE-20: Improper Input Validation	Windows Active Directory Remote Code Execution Vulnerability CVSS vector: AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Aniq Fakhrul
CVE-2026-26170	PowerShell Exploitation Less Likely	CWE-20: Improper Input Validation	PowerShell Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32151	Windows Shell Exploitation Less Likely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Shell Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32084	Windows Print Spooler Exploitation Unlikely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Windows Print Spooler Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By David Zhu with Microsoft
CVE-2026-32079	Web Account Manager Exploitation Unlikely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Web Account Manager Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By David Zhu with Microsoft
CVE-2026-32085	Remote Procedure Call Exploitation Unlikely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Remote Procedure Call Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By David Zhu with Microsoft
CVE-2026-32081	Package Catalog Exploitation Unlikely	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	Package Catalog Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By David Zhu with Microsoft
CVE-2026-27907	Windows Storage Spaces Controller Exploitation Less Likely	CWE-191: Integer Underflow (Wrap or Wraparound)	Windows Storage Spaces Controller Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Kang Minchae with Best of Best 14th Team JUSTWIN (Kim Dowon, Kang Minju, Kim Donggeon, Wi Siyeon, Yoon Junghyun)
CVE-2026-26184	Windows Projected File System Exploitation Less Likely	CWE-126: Buffer Over-read	Windows Projected File System Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By ChenJian with Sea Security Orca Team
CVE-2026-26169	Windows Kernel Memory Exploitation More Likely	CWE-126: Buffer Over-read	Windows Kernel Memory Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By Faiustov Denis with GMO Cybersecurity by Ierae, Inc. Masahiro Kawada with GMO Cybersecurity by Ierae, Inc.
CVE-2026-26155	Microsoft Local Security Authority Subsystem Service Exploitation Less Likely	CWE-126: Buffer Over-read	Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By Howard McGreehan with MSRC V&M
CVE-2026-32076	Windows Storage Spaces Controller Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Storage Spaces Controller Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Yoon Jung Hyun(Yuil Muil (@YuilMuil) / X)
CVE-2026-27931	Windows GDI Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows GDI Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By xina1i@psbc
CVE-2026-27930	Windows GDI Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows GDI Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2026-04-14	No	Reported By xina1i@psbc
CVE-2026-26153	Windows Encrypted File System (EFS) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Hangyu Hua(@HBh25Y) with Shuffle Team and Hunan University
CVE-2026-33096	HTTP.sys Exploitation Less Likely	CWE-125: Out-of-bounds Read	HTTP.sys Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By WARP & MORSE teams at Microsoft Milad Nasr (Anthropic) and Calif.io with Claude
CVE-2026-32223	Windows USB Printing Stack (usbprint.sys) Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By hao huang with Fudan University secsys lab Donghyeon Oh with Patchpoint Jonghoi Kim Jongseong Kim (nevul37) working with ENKI Whitehat Dongjun Kim (smiljun), working with ENKI WhiteHat Thanatos Tian & @2st__ with Diffract & Zhiniang Peng with HUST
CVE-2026-26180	Windows Kernel Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Kernel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Jason Lin
CVE-2026-26156	Windows Hyper-V Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read CWE-20: Improper Input Validation	Windows Hyper-V Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By cyanbamboo and b2ahex
CVE-2026-32221	Windows Graphics Component Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Graphics Component Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-32087	Windows Function Discovery Service (fdwsd.dll) Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Anonymous
CVE-2026-26176	Windows Client Side Caching driver (csc.sys) Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By ChengBin Wang with ZheJiang Guoli Security Technology
CVE-2026-32195	Windows Kernel Exploitation Less Likely	CWE-121: Stack-based Buffer Overflow	Windows Kernel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-14	No	Reported By Jongseong Kim (nevul37), SEC-agent team Hwiwon Lee (hwiwonl), SEC-agent team Gwanhyun Lee Dongjun Kim Anonymous 0rb1t with None Qanux with None

Release 2026-04-12 Other / OOB Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2026-34757	LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap No latest release note	CWE-416: Use After Free	LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N	2026-04-12	-	-

Release 2026-04-11 Other / OOB Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2026-35611	Addressable has a Regular Expression No latest release note	CWE-1333: Inefficient Regular Expression Complexity	Addressable has a Regular Expression Denial of Service in Addressable templates CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	2026-04-11	-	-

Release 2026-04-02 Other / OOB Count 2

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2026-32186	Microsoft Bing N/A	CWE-918: Server-Side Request Forgery (SSRF)	Microsoft Bing Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2026-04-02	No	Reported By Sriharsha Pallekonda with Microsoft
CVE-2026-2436	Libsoup: libsoup No latest release note	CWE-825: Expired Pointer Dereference	Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H	2026-04-02	-	-