Exploits Feed
Below is the list of vulnerabilities and CVEs that have been thoroughly analysed by Crowdfense and are now part of our N-day Vulnerabilities Feed.
Each entry includes a comprehensive technical report, featuring:
-
In-depth root cause analysis
-
Exploitation context and impact assessment
A fully weaponised exploit accompanies most vulnerabilities, while others include a crash trigger or minimal proof-of-concept (PoC) to demonstrate exploitability.
With an increasing number of CVEs being reported every year, the vulnerability landscape is vast. Not every vulnerability poses the same level of risk, and others may be practically unexploitable.
Our process draws on sources such as CISA’s KEV catalogue, and we continuously track and analyse vulnerabilities exploited in the wild by APT groups, ransomware operators, and other cybercriminals. To determine whether an exploit is worth developing, we consider which attacks are most critical from an attacker’s perspective, which newly disclosed vulnerabilities are most likely to be used in real-world scenarios, and which exploits would provide the greatest value to our clients.
| ID | CVE Year | CVE | Description | Vendor | Capability | Status | CISA KEV | Released Year |
|---|---|---|---|---|---|---|---|---|
| 1 | 2020 | CVE-2020-17096 | Microsoft Windows NTFS (ntfs.sys) Memory Corruption - Denial of Service (DoS) | Microsoft | DoS | poc | False | 2024 |
| 2 | 2021 | CVE-2021-31956 | Microsoft Windows NTFS (ntfs.sys) Heap Buffer Overflow - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | True | 2024 |
| 3 | 2021 | CVE-2021-40466 | Microsoft Windows Common Log File System Driver (clfs.sys) Heap Buffer Overflow - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | False | 2024 |
| 4 | 2023 | CVE-2023-36845 | Juniper Firewall/VPN (JunOS) PHP External Variable Modification - Remote Code Execution (RCE) | Juniper | pre-auth RCE | weaponized | True | 2024 |
| 5 | 2024 | CVE-2024-11477 | 7-Zip Zstandard Decompression Integer Underflow - Unexploitable | 7-Zip | unexploitable | poc | False | 2024 |
| 6 | 2024 | CVE-2024-21338 | Microsoft Windows AppLocker (appid.sys) Untrusted Pointer Dereference - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | True | 2024 |
| 7 | 2024 | CVE-2024-30078 | Microsoft Windows Wi-Fi Driver (nwifi.sys) OOB Write - Denial of Service (DoS) | Microsoft | DoS | poc | False | 2024 |
| 8 | 2024 | CVE-2024-30085 | Microsoft Windows Cloud Files Mini Filter (cldflt.sys) Heap Buffer Overflow - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | False | 2024 |
| 9 | 2024 | CVE-2024-30088 | Microsoft Windows Kernel TOCTOU Race Condition - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | True | 2024 |
| 10 | 2024 | CVE-2024-35250 | Microsoft Windows Kernel Streaming (ks.sys and ksthink.sys) Untrusted Pointer Dereference - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | True | 2025 |
| 11 | 2024 | CVE-2024-38054 | Microsoft Windows Kernel Streaming WOW Thunk Service (ksthunk.sys) Heap Based Overflow - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | False | 2024 |
| 12 | 2024 | CVE-2024-38077 | Microsoft Windows Remote Desktop Licensing Service (TermServLicensing) Heap Overflow (madlicense) - Remote Code Execution (RCE) | Microsoft | pre-auth RCE | weaponized | False | 2024 |
| 13 | 2024 | CVE-2024-38080 | Microsoft Windows Hyper-V Integer Overflow - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | True | 2024 |
| 14 | 2024 | CVE-2024-38193 | Microsoft Windows Ancillary Function Driver for WinSock (afd.sys) Use After Free - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | True | 2024 |
| 15 | 2024 | CVE-2024-43572 | Microsoft Windows Management Console - Remote Code Execution (RCE) | Microsoft | RCE | weaponized | True | 2024 |
| 16 | 2024 | CVE-2024-43639 | Microsoft Windows KDC Proxy (kpssvc.dll) Numeric Truncation Error - Unexploitable | Microsoft | unexploitable | poc | False | 2024 |
| 17 | 2024 | CVE-2024-46740 | Google Android (Linux Binder) Use After Free - Local Privilege Escalation (LPE) | LPE | weaponized | False | 2025 | |
| 18 | 2024 | CVE-2024-47575 | Fortinet Fortimanager Missing Authentication - Remote Code Execution (RCE) | Fortinet | pre-auth RCE | weaponized | True | 2024 |
| 19 | 2024 | CVE-2024-7965 | Google Chrome Android TurboFan Instruction Selection Bug - Remote Code Execution (RCE) | RCE | weaponized | True | 2024 | |
| 20 | 2024 | CVE-2024-43511 | Microsoft Windows Kernel TOCTOU Race Condition - Unexploitable | Microsoft | unexploitable | poc | False | 2024 |
| 21 | 2024 | CVE-2024-38178 | Microsoft Windows Scripting Engine (JScript9.dll) Internet Explorer/Edge Chakra Engine Type Confusion - Remote Code Execution (RCE) | Microsoft | RCE | weaponized | True | 2025 |
| 22 | 2024 | CVE-2024-49090 | Microsoft Windows Common Log File System Driver (clfs.sys) Untrusted Pointer Dereference - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | False | 2025 |
| 23 | 2025 | CVE-2025-21298 | Microsoft Windows OLE Double Free - Unexploitable | Microsoft | unexploitable | poc | False | 2025 |
| 24 | 2025 | CVE-2025-9491 | Microsoft Windows LNK File UI Misrepresentation (ZDI-CAN-25373) - Remote Code Execution (RCE) | Microsoft | RCE | weaponized | False | 2025 |
| 25 | 2024 | CVE-2024-38189 | Microsoft Project Improper Input Validation - Remote Code Execution (RCE) | Microsoft | RCE | weaponized | True | 2025 |
| 26 | 2024 | CVE-2024-43454 | Microsoft Windows Remote Desktop Licensing Service (TermServLicensing) Relative Path Traversal - Arbitrary File Deletion | Microsoft | Arbitrary File Deletion | weaponized | False | 2025 |
| 27 | 2025 | CVE-2025-21293 | Active Directory Domain Services Improper Access Control - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | False | 2025 |
| 28 | 2020 | CVE-2020-9054 | Zyxel NAS and Firewall Devices Command Injection - Remote Code Execution (RCE) | ZyXel | pre-auth RCE | weaponized | True | 2025 |
| 29 | 2025 | CVE-2025-24054 | Microsoft Windows File Explorer Spoofing Vulnerability - NTLM Hash Disclosure | Microsoft | NTLM Hash Disclosure | weaponized | True | 2025 |
| 30 | 2021 | CVE-2021-21551 | Dell DBUtil Driver (dbutil_2_3.sys) Insufficient Access Control - Local Privilege Escalation (LPE) | Dell | LPE | weaponized | True | 2025 |
| 31 | 2023 | CVE-2023-36205 | Zemana AntiMalware/AntiLogger Driver (zamguard64.sys, zam64.sys) Incorrect Access Control - Local Privilege Escalation (LPE), Arbitrary Process Termination (PPL) | Zemana | LPE, Arbitrary Process Termination (PPL) | weaponized | False | 2025 |
| 32 | 2025 | CVE-2025-24985 | Microsoft Windows Fast FAT File System Driver Heap Buffer Overflow - Denial of Service (DoS) | Microsoft | DoS | poc | True | 2025 |
| 33 | 2025 | 0DAY-2025-0001 | Microsoft Management Console (MMC) - NTLM Hash Disclosure | Microsoft | NTLM Hash Disclosure | weaponized | False | 2025 |
| 34 | 2025 | CVE-2025-26633 | Microsoft Management Console (MMC) Security Feature Bypass - Remote Code Execution (RCE) | Microsoft | RCE | weaponized | True | 2025 |
| 35 | 2025 | CVE-2025-21333 | Microsoft Windows Hyper-V NT Kernel Integration VSP Driver (vkrnlintvsp.sys) Heap-based Buffer Overflow - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | True | 2025 |
| 36 | 2025 | 0DAY-2025-0002 | Flexense Computing System SyncBreeze - Remote Code Execution (RCE) | Flexense Computing System | pre-auth RCE | weaponized | False | 2025 |
| 37 | 2025 | CVE-2025-21375 | Microsoft Windows Kernel Streaming WOW Thunk Service Driver (ksthunk.sys) Buffer Overflow - Denial of Service (DoS) | Microsoft | DoS | poc | False | 2025 |
| 38 | 2025 | CVE-2025-29824 | Microsoft Windows Common Log File System driver (CLFS.sys) Use After Free - Denial of Service (DoS) | Microsoft | DoS | poc | True | 2025 |
| 39 | 2025 | CVE-2025-32756 | Fortinet multiple products API Stack-based Buffer Overflow - Remote Code Execution (RCE) | Fortinet | pre-auth RCE | weaponized | True | 2025 |
| 40 | 2025 | CVE-2025-47955 | Microsoft Windows Remote Access Connection Manager (RasMan) Improper Privilege Management - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | False | 2025 |
| 41 | 2025 | CVE-2025-1758 | Progress Kemp LoadMaster Stack-based Buffer Overflow - Unexploitable | Progress | unexploitable | poc | False | 2025 |
| 42 | 2024 | CVE-2024-51324 | Baidu Antivirus BdApiUtil64.sys Driver Incorrect Access Control - Arbitrary Process Termination (PPL) | Baidu | Arbitrary Process Termination (PPL) | weaponized | False | 2025 |
| 43 | 2025 | CVE-2025-25257 | Fortinet FortiWeb SQL Injection and Command Injection - Remote Code Execution (RCE) | Fortinet | pre-auth RCE | weaponized | True | 2025 |
| 44 | 2025 | 0DAY-2025-0003 | Asus MyAsus Arbitrary File Write - Local Privilege Escalation (LPE) | Asus | LPE | weaponized | False | 2025 |
| 45 | 2025 | CVE-2025-8088 | RARLAB WinRAR Directory Traversal - Remote Code Execution (RCE) | RARLAB | RCE | weaponized | True | 2025 |
| 46 | 2025 | ZDI-CAN-26372 | Microsoft Windows Theme File Parsing Improper Input Validation - NTLM Hash Disclosure | Microsoft | NTLM Hash Disclosure | weaponized | False | 2025 |
| 47 | 2025 | CVE-2025-50154 | Microsoft Windows File Explorer Spoofing Vulnerability - NTLM Hash Disclosure | Microsoft | NTLM Hash Disclosure | weaponized | False | 2025 |
| 48 | 2025 | CVE-2025-33053 | Internet Shortcut Files - Remote Code Execution (RCE) | Microsoft | RCE | weaponized | True | 2025 |
| 49 | 2025 | 0DAY-2025-0004 | SQLite3 Command Injection Vulnerability - Remote Code Execution (RCE) | SQLite | RCE | weaponized | False | 2025 |
| 50 | 2025 | CVE-2025-53136 | Microsoft Windows NT OS Kernel Information Disclosure Vulnerability -KASLR Bypass | Microsoft | KASLR Bypass (Info Disclosure) | weaponized | False | 2025 |
| 51 | 2025 | CVE-2025-30397 | Microsoft Windows Scripting Engine (JScript9.dll) Internet Explorer/Edge Chakra Engine Type Confusion - Remote Code Execution (RCE) | Microsoft | RCE | weaponized | True | 2025 |
| 52 | 2025 | CVE-2025-59287 | Microsoft Windows Server Update Service (WSUS) Unsafe Deserialization - Remote Code Execution (RCE) | Microsoft | pre-auth RCE | weaponized | True | 2025 |
| 53 | 2025 | CVE-2025-24893 | XWiki Unauthenticated Groovy Injection via SolrSearch Macro - Remote Code Execution (RCE) | XWiki | pre-auth RCE | weaponized | True | 2025 |
| 54 | 2025 | CVE-2025-64446 | Fortinet Fortiweb Path Traversal and Command Injection - Remote Code Execution (RCE) | Fortinet | pre-auth RCE | weaponized | True | 2025 |
| 55 | 2025 | CVE-2025-62221 | Microsoft Windows Cloud Files Mini Filter Driver (cldflt.sys) Use After Free - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | True | 2025 |
| 56 | 2025 | CVE-2025-26666 | Microsoft Windows Media Heap-based Buffer Overflow - Denial of Service (DoS) | Microsoft | DoS | poc | False | 2026 |
| 57 | 2025 | CVE-2025-49113 | Roundcube Webmail PHP Object Deserialization - Remote Code Execution (RCE) | Roundcube | post-auth RCE | weaponized | True | 2026 |
| 58 | 2025 | CVE-2025-52691 | SmarterTools SmarterMail Arbitrary File Upload - Remote Code Execution (RCE) | SmarterTools | pre-auth RCE | weaponized | True | 2026 |
| 59 | 2026 | CVE-2026-23760 | SmarterTools SmarterMail Authentication Bypass - Remote Code Execution (RCE) | SmarterTools | pre-auth RCE | weaponized | True | 2026 |
| 60 | 2025 | CVE-2025-61882 | Oracle E-Business Suite (EBS) Authentication Bypass and XSLT Code Execution - Remote Code Execution (RCE) | Oracle | pre-auth RCE | weaponized | True | 2026 |
| 61 | 2026 | CVE-2026-24423 | SmarterTools SmarterMail Authentication Bypass - Remote Code Execution (RCE) | SmarterTools | pre-auth RCE | weaponized | True | 2026 |
| 62 | 2026 | CVE-2026-20941 | Host Process for Windows Tasks (taskhostw.exe) Improper Link Resolution - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | False | 2026 |
| 63 | 2026 | 0DAY-2026-0001 | Microsoft Visual Studio - NTLM Hash Disclosure | Microsoft | NTLM Hash Disclosure | weaponized | False | 2026 |
| 64 | 2026 | 0DAY-2026-0002 | Microsoft Windows Media Buffer Over-read Vulnerability - Denial of Service (DoS) | Microsoft | DoS | poc | False | 2026 |
| 65 | 2026 | 0DAY-2026-0003 | Microsoft Windows Driver Verifier Extension (VerifierExt.sys) Arbitrary Kernel Write via Unvalidated Pointer Dereference - Local Privilege Escalation (LPE) | Microsoft | LPE | weaponized | False | 2026 |
| 66 | 2026 | CVE-2026-21385 | Qualcomm Adreno GPU Kernel Driver (kgsl) Signed Integer Sign Extension - Elevation of Privilege Vulnerability (LPE) | Qualcomm | LPE | weaponized | True | 2026 |
| 67 | 2026 | CVE-2026-21509 | Microsoft Office Word Security Feature Bypass Vulnerability - Remote Code Execution (RCE) | Microsoft | RCE | weaponized | True | 2026 |
| 68 | 2025 | CVE-2025-38352 | Android/Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition - Generic Local Privilege Escalation (LPE) | Android | LPE | weaponized | True | 2026 |
