Microsoft has disclosed two critical security vulnerabilities in the Windows Common Log File System (CLFS) Driver that are currently being exploited in the wild.
Released on May 13, 2025, the vulnerabilities-identified as CVE-2025-32706 and CVE-2025-32701-both allow local privilege escalation and have been classified as “Important” with high CVSS scores of 7.8.
https://gbhackers.com/windows-clfs-zero ... exploited/