CVE-2026-40397

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

Microsoft Windows Common Log File System Driver 数字错误漏洞

The Microsoft Windows Common Log File System Driver is a high-performance, general-purpose log file system API provided by Microsoft. It allows specialized client applications to utilize this subsystem, enabling multiple clients to share it for optimized log access. The Microsoft Windows Common L...

CVE-2026-2636 Denial of Service in Microsoft OS

This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash...

CVE-2026-2636 Denial of Service in Microsoft OS

This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash...

PT-2026-21986

Name of the Vulnerable Software and Affected Versions Windows versions prior to September 2025 cumulative update for Windows 11 2024 LTSC and Windows Server 2025 Windows 11 23H2 and earlier Description The issue is caused by improper handling of invalid use of special elements within the CLFS.sys...

EUVD-2016-4367

Malware in sbrugna...

EUVD-2020-2151

Malware in sbrugna...

VulnCheck KEV: CVE-2025-32706

Microsoft Windows Common Log File System CLFS Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally...

Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability

Microsoft Windows Common Log File System CLFS Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally...

Patch Tuesday - April 2025

Microsoft is addressing 121 vulnerabilities this April 2025 Patch Tuesday, which is more than twice as many as last month. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, which is already reflected in CISA KEV. Once again, Microsoft has...

Patch Tuesday, December 2024 Edition

Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common Log File System...

The vulnerability of the Windows Common Log File System (CLFS) driver in Windows operating systems allows a hacker to elevate their privileges to the SYSTEM level.

The vulnerability of the Windows Common Log File System CLFS driver in Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to the SYSTEM level...

Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability

Microsoft Windows Common Log File System CLFS driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges...

The vulnerability of the CLFS driver for Microsoft Windows operating systems allows a hacker to gain increased privileges.

The vulnerability of the CLFS driver in Microsoft Windows operating systems is related to errors in privilege management. Exploiting this vulnerability can allow an attacker to elevate their privileges to the SYSTEM level using a specially crafted blk-file...

The vulnerability of the Windows Common Log File System (CLFS) driver in Windows operating systems allows a hacker to gain elevated privileges.

The vulnerability of the Windows Common Log File System CLFS driver in Windows operating systems is related to incorrect handling of symbolic links before accessing the file. Exploiting this vulnerability can allow an attacker to gain increased privileges...

Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)

This is part four of our study about the Common Log File System CLFS and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Please read the previous parts first if you havent already. You can skip to the other parts using this table of...

PT-2023-9403 · Microsoft · Windows 11 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 affected versions not specified Description: A Denial of Service in the CLFS.sys driver allows a malicious authenticated low-privilege user to...

Buffer Overflow

libzephyr.so is vulnerable to Buffer Overflows. The vulnerability is caused by the CLFS driver. An attacker is able to exploit this vulnerability by sending a specially crafted log file to a vulnerable system. If the log file is processed by the CLFS driver, the buffer overflow can be triggered,...

Microsoft Windows CLFS Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CLF...

Microsoft Windows CLFS Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...