uname1able

7 exploits Active since Apr 2022
CVE-2026-24291 NOMISEC HIGH WORKING POC
Windows Accessibility Infrastructure - Privilege Escalation
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally.
CVSS 7.8
CVE-2026-20820 NOMISEC HIGH WORKING POC
Windows Common Log File System Driver - Buffer Overflow
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVSS 7.8
CVE-2025-29824 NOMISEC HIGH WORKING POC
Windows Common Log File System Driver - Use-After-Free
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVSS 7.8
CVE-2026-2636 NOMISEC MEDIUM STUB
Windows OS < 25H2 - Denial of Service via CLFS.sys Driver Inconsistency
This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash. Microsoft silently fixed this vulnerability in the September 2025 cumulative update for Windows 11 2024 LTSC and Windows Server 2025. Windows 25H2 (released in September) was released with the patch. Windows 1123h2 and earlier versions remain vulnerable.
CVSS 5.5
CVE-2022-24481 NOMISEC HIGH WORKING POC
Windows Common Log File System Driver - Privilege Escalation
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2022-37969 NOMISEC HIGH WORKING POC
Windows Common Log File System Driver - Elevation of Privilege via Out-of-bounds Write
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2022-24521 NOMISEC HIGH WORKING POC
Windows Common Log File System Driver - Privilege Escalation
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS 7.8