CVE-2026-40397

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

Microsoft Windows Common Log File System Driver 数字错误漏洞

The Microsoft Windows Common Log File System Driver is a high-performance, general-purpose log file system API provided by Microsoft. It allows specialized client applications to utilize this subsystem, enabling multiple clients to share it for optimized log access. The Microsoft Windows Common L...

CVE-2026-2636 Denial of Service in Microsoft OS

This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash...

CVE-2026-2636 Denial of Service in Microsoft OS

This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash...

PT-2026-21986

Name of the Vulnerable Software and Affected Versions Windows versions prior to September 2025 cumulative update for Windows 11 2024 LTSC and Windows Server 2025 Windows 11 23H2 and earlier Description The issue is caused by improper handling of invalid use of special elements within the CLFS.sys...

EUVD-2016-4367

Malware in sbrugna...

EUVD-2020-2151

Malware in sbrugna...

VulnCheck KEV: CVE-2025-32706

Microsoft Windows Common Log File System CLFS Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally...

Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability

Microsoft Windows Common Log File System CLFS Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally...

Patch Tuesday - April 2025

Microsoft is addressing 121 vulnerabilities this April 2025 Patch Tuesday, which is more than twice as many as last month. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, which is already reflected in CISA KEV. Once again, Microsoft has...

Patch Tuesday, December 2024 Edition

Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common Log File System...

Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability

Microsoft Windows Common Log File System CLFS driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges...

Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)

This is part four of our study about the Common Log File System CLFS and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Please read the previous parts first if you havent already. You can skip to the other parts using this table of...

PT-2023-9403 · Microsoft · Windows 11 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 affected versions not specified Description: A Denial of Service in the CLFS.sys driver allows a malicious authenticated low-privilege user to...

Buffer Overflow

libzephyr.so is vulnerable to Buffer Overflows. The vulnerability is caused by the CLFS driver. An attacker is able to exploit this vulnerability by sending a specially crafted log file to a vulnerable system. If the log file is processed by the CLFS driver, the buffer overflow can be triggered,...

Microsoft Windows CLFS Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Microsoft Windows CLFS Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CLF...

Update now! April’s Patch Tuesday includes a fix for one zero-day

Its Patch Tuesday again. Microsoft and other vendors have released their monthly updates. Among a total of 97 patched vulnerabilities there is one actively exploited zero-day. Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix...

PT-2023-2243

Name of the Vulnerable Software and Affected Versions Windows Common Log File System Driver affected versions not specified Description The issue is related to an elevation-of-privilege vulnerability in the Windows Common Log File System CLFS Driver. This vulnerability allows attackers to affect...

Unspecified Vulnerability in Microsoft Windows Common Log File System Driver

The Microsoft Windows Common Log File System Driver is Microsoft's Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by specialized client applications and shared by multiple clients to optimize logging and access. access. A...