CVE-2026-8501

Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Security allows user-mode processes to access the PCTCoreDriver WDM device interface and invoke privileged IOCTL handlers. A local attacker with the ability to access or load the affected driver can exploit...

EUVD-2026-33669

Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Security allows user-mode processes to access the PCTCoreDriver WDM device interface and invoke privileged IOCTL handlers. A local attacker with the ability to access or load the affected driver can exploit...

CVE-2026-8501 CVE-2026-8501

Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Security allows user-mode processes to access the PCTCoreDriver WDM device interface and invoke privileged IOCTL handlers. A local attacker with the ability to access or load the affected driver can exploit...

CVE-2026-8501

CVE-2026-8501 affects the PC Tools PCTCore64.sys Windows kernel driver. The driver exposes the .�5CPCTCoreDriver WDM device interface with no access control, allowing user-mode processes to invoke privileged IOCTL handlers and perform low-level operations. Documented impacts include credential th...

CVE-2026-8501 CVE-2026-8501

Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Security allows user-mode processes to access the PCTCoreDriver WDM device interface and invoke privileged IOCTL handlers. A local attacker with the ability to access or load the affected driver can exploit...

CVE-2026-8501

Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Security allows user-mode processes to access the PCTCoreDriver WDM device interface and invoke privileged IOCTL handlers. A local attacker with the ability to access or load the affected driver can exploit...

PCTCore64.sys Windows kernel driver contains missing access control vulnerability

Overview The PCTCore64.sys Windows kernel driver from PC Tools Internet Security exposes its \.\PCTCoreDriver device interface with no access control, allowing any user-mode process to interact with the driver and invoke privileged IOCTL I/O Control commands. In a Bring Your Own Vulnerable Driver...

exploit-lab

Exploit Development Lab — From Stack Smash to Kernel 0-Day 20...

Exploit for Untrusted Pointer Dereference in Microsoft

ntoskrnl-metadata An IDA Python script for extracting critica...

Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective

1 Introduction This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for. This work was motivated by driver-oriented vulnerability research and the need to evaluate the exploitability of...

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2026-40369: Defensive Analysis of the 12-Byte Windows Kern...

May Microsoft Patch Tuesday

May Microsoft Patch Tuesday. A total of 119 vulnerabilities, approximately 1.5 times fewer than in April. There are currently no vulnerabilities marked as actively exploited in the wild. However, there is one vulnerability with a public exploit: 🔸 EoP - Windows Kernel CVE-2026-40369. A detailed...

CVE-2026-40369

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-35420

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-34332

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network...

CVE-2026-33841

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-34333

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

CVE-2026-33840

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

EUVD-2026-29668

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...

EUVD-2026-29624

Access of resource using incompatible type 'type confusion' in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...