CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-60865
https://notcve.org/view.php?id=CVE-2025-60865
03 Feb 2026 — Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174 allows a local attacker to escalate privileges via the Driver Updater Service windows component. • https://github.com/parad0x1334/CVE-Disclosures/tree/50e5d2bf33b2926db2cb14d47d392b38ac619a41/Driver%20Updater%20-%20PCHelpsoft • CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 5EXPL: 1CVE-2026-23761 – VB-Audio Voicemeeter & Matrix Drivers DoS via Improper FILE_OBJECT FsContext Initialization
https://notcve.org/view.php?id=CVE-2026-23761
22 Jan 2026 — If subsequent operations are not handled by the VB-Audio driver and are forwarded down the audio driver stack (e.g., via PortCls to ks.sys), the invalid FsContext value can be dereferenced, causing a kernel crash (BSoD), typically SYSTEM_SERVICE_EXCEPTION with STATUS_ACCESS_VIOLATION. This flaw allows a local unprivileged user to trigger a denial-of-service on affected Windows systems. • https://www.vulncheck.com/advisories/vb-audio-voicemeeter-and-matrix-drivers-dos-via-improper-file-object-fscontext-initialization • CWE-824: Access of Uninitialized Pointer •
CVSS: 6.9EPSS: 0%CPEs: 5EXPL: 1CVE-2026-23762 – VB-Audio Voicemeeter & Matrix Drivers DoS via MmMapLockedPagesSpecifyCache
https://notcve.org/view.php?id=CVE-2026-23762
22 Jan 2026 — This flaw allows a local unprivileged user to trigger a denial-of-service on affected Windows systems. • https://www.vulncheck.com/advisories/vb-audio-voicemeeter-and-matrix-drivers-dos-via-mmmaplockedpagesspecifycache • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 1CVE-2026-23764 – VB-Audio Voicemeeter & Matrix Drivers DoS via Corrupted IoAllocateMdl Length
https://notcve.org/view.php?id=CVE-2026-23764
22 Jan 2026 — This flaw allows a local user to trigger a denial-of-service on affected Windows systems. • https://www.vulncheck.com/advisories/vb-audio-voicemeeter-and-matrix-drivers-dos-via-corrupted-ioallocatemdl-length • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 2CVE-2025-68947 – NSecsoft NSecKrnl process termination privilege escalation
https://notcve.org/view.php?id=CVE-2025-68947
13 Jan 2026 — NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver. • https://github.com/ANYLNK/NSecSoftBYOVD • CWE-862: Missing Authorization •
CVSS: 7.0EPSS: 0%CPEs: 24EXPL: 1CVE-2025-60719 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-60719
11 Nov 2025 — Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. • https://packetstorm.news/files/id/212597 • CWE-822: Untrusted Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2025-34193 – Vasion Print (formerly PrinterLogic) Insecure Windows Components Lack Modern Memory Protections and Use Outdated Runtimes
https://notcve.org/view.php?id=CVE-2025-34193
19 Sep 2025 — Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client components (PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, PrinterInstallerClientLauncher.exe) that lack modern compile-time and runtime exploit mitigations and rely on outdated runtimes. Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Win... • https://www.vulncheck.com/advisories/vasion-print-printerlogic-insecure-windows-components-lack-modern-memory-protections-and-use-outdated-runtimes • CWE-755: Improper Handling of Exceptional Conditions CWE-1104: Use of Unmaintained Third Party Components •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2025-34195 – Vasion Print (formerly PrinterLogic) Unquoted Path During Driver Installation Leads to Execution of C:\Program.exe
https://notcve.org/view.php?id=CVE-2025-34195
19 Sep 2025 — Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (Windows client deployments) contain a remote code execution vulnerability during driver installation caused by unquoted program paths. Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (Windows client deployments) contain a remote code execution vulnerability during driver installation caus... • https://www.vulncheck.com/advisories/vasion-print-printerlogic-unquoted-path-during-driver-installation • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 1CVE-2025-49730 – Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-49730
08 Jul 2025 — Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally. • https://www.exploit-db.com/exploits/52399 • CWE-122: Heap-based Buffer Overflow CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 1CVE-2025-29824 – Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-29824
08 Apr 2025 — Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. • https://github.com/encrypter15/CVE-2025-29824 • CWE-416: Use After Free •