Windows CVE-2026-2636 PoC Released: Low-Privileged BSOD Crash Exploit

A public proof-of-concept exploit now exists for CVE-2026-2636 in Windows Common Log File System (CLFS) driver. Any low-privileged user can trigger an unrecoverable Blue Screen of Death (BSOD) crash. Ricardo Narvaja of Fortra discovered this denial-of-service flaw during CLFS research. The issue lies in improper flag validation in CLFS!CClfsRequest::ReadLogPagingIo within CLFS.sys (version 10.0.22621.5037). Attackers craft […] The post Windows CVE-2026-2636 PoC Released: Low-Privileged BSOD Crash Exploit appeared first on VPN Central.