SafeBreach Labs CVE Discoveries
Browse the list of vulnerabilities uncovered by leading edge researchers on the SafeBreach Labs team. For more of their work, visit our Research Hub.
| Date | CVE ID | CVSS | CVSS (FULL) | CVE DESCRIPTION | NVD LINK | NOTES |
|---|---|---|---|---|---|---|
| 10/2025 | CVE-2025-59199 | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Software Protection Platform (SPP) Elevation of Privilege Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59199 |
| 10/2025 | CVE-2025-59200 | 7.7 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:U/RL:O/RC:C | Data Sharing Service Spoofing Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59200 |
| 10/2025 | CVE-2025-59502 | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | Remote Procedure Call Denial of Service Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59502 |
| 7/2025 | CVE-2025-49760 | 3.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C | Windows Storage Spoofing Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49760 |
| 7/2025 | CVE-2025-49716 | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | Windows Netlogon Denial of Service Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49716 |
| 7/2025 | CVE-2025-49722 | 5.7 | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | Windows Print Spooler Denial of Service Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49722 |
| 6/2025 | CVE-2025-32724 | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32724 |
| 5/2025 | CVE-2025-29969 | 7.2 | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | MS-EVEN RPC Remote Code Execution Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29969 |
| 4/2025 | CVE-2025-26673 | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26673 |
| 11/2024 | CVE-2024-10668 | 5.9 | CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/AU:N/R:U/V:D/RE:L/U:Green | Auth Bypass In Quickshare | Link | https://www.cve.org/cverecord?id=CVE-2024-10668 |
| 8/2024 | CVE-2024-38202 | 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C | Windows Update Stack Elevation of Privilege Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202 |
| 8/2024 | CVE-2024-21302 | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21302 |
| 6/2024 | CVE-2024-38272 | 7.1 | CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L | Auth Bypass In Quick Share | Link | https://www.cve.org/cverecord?id=CVE-2024-38272 |
| 6/2024 | CVE-2024-38271 | 5.9 | CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L | Denial Of Service In Quick Share | Link | https://www.cve.org/cverecord?id=CVE-2024-38271 |
| 11/2023 | CVE-2023-36396 | 7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | Windows Compressed Folder Remote Code Execution Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36396 |
| 12/2023 | CVE-2023-36010 | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | Microsoft Defender Denial of Service Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36010 |
| 7/2023 | CVE-2023-32054 | 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | Volume Shadow Copy Elevation of Privilege Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32054 |
| 4/2023 | CVE-2023-24934 | 5.5 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | Microsoft Defender Security Feature Bypass Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24934 |
| 4/2023 | CVE-2023-24860 | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | Windows Defender Denial of Service | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24860 |
| 3/2023 | CVE-2023-23411 | 6.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H | Windows Hyper-V Denial of Service Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23411 |
| 12/2022 | CVE-2022-45797 | 7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | Arbitrary File Deletion Local Privilege Escalation Vulnerability | Link | https://success.trendmicro.com/dcx/s/solution/000291830?language=en_US |
| 12/2022 | TBA | Arbitrary File Deletion Local Privilege Escalation Vulnerability | https://www.safebreach.com/resources/safebreach-labs-researcher-discovers-multiple-zero-day-vulnerabilities/ | |||
| 11/2022 | CVE-2022-4173 | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Arbitrary File Deletion Local Privilege Escalation Vulnerability | Link | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4173 |
| 11/2022 | CVE-2022-38015 | 6.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H | Windows Hyper-V Denial of Service Vulnerability | Link | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38015 |
| 10/2022 | CVE-2022-37971 | 7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | Microsoft Windows Defender Elevation of Privilege Vulnerability | Link | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37971 |