AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)

CVE-2023-36424: Microsoft Windows Out-of-Bounds Read Vulnerability

infovulnerability🔥 Actively Exploited

security

Source: CISA Known Exploited VulnerabilitiesApril 12, 2026CVE-2023-36424

Summary

Microsoft Windows has a bug in its Common Log File System Driver (a program that manages log files on your computer) that allows an attacker to read memory outside the intended boundaries, potentially giving them higher-level access to your system. This vulnerability is currently being actively exploited by attackers in real-world attacks.

Solution / Mitigation

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 10.3%

Patch Available

Yes

Exploit Maturity

🔥 Actively Exploited

Disclosure Date

April 12, 2026

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-125

CAPEC (Attack Pattern)

CAPEC-540

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2023-36424

First tracked: April 13, 2026 at 02:00 PM

Classified by LLM (prompt v3) · confidence: 95%