Microsoft

13,708 tracked vulnerabilities.

CVE-2026-21535 HIGH
Microsoft Teams - Info Disclosure
Feb 19, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-26030 CRITICAL
Microsoft Semantic Kernel <1.39.4 - RCE
Feb 19, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-26119 HIGH
Windows Admin Center - Privilege Escalation
Feb 17, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-0102 LOW
Web Browser - Info Disclosure
Feb 17, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-23655 MEDIUM
Azure Compute Gallery - Info Disclosure
Feb 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-21537 HIGH
Microsoft Defender For Endpoint - Code Injection
Feb 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-21533 HIGHKEV
Microsoft Windows 10 1607 - Improper Privilege Management
Feb 10, 2026
CVSS 7.8
EPSS 0.03
CVE-2026-21531 CRITICAL
Microsoft Azure Conversation Authorin... - Insecure Deserialization
Feb 10, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-21529 MEDIUM
Microsoft Azure Hdinsight < 5.1 - XSS
Feb 10, 2026
CVSS 5.7
EPSS 0.00
CVE-2026-21528 MEDIUM
Microsoft Azure Iot Explorer < 0.15.13 - Exposure to Wrong Actor
Feb 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-21527 MEDIUM
Microsoft Exchange Server - Info Disclosure
Feb 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-21525 MEDIUMKEV
Microsoft Windows 10 1607 < 10.0.14393.8868 - NULL Pointer Dereference
Feb 10, 2026
CVSS 6.2
EPSS 0.03
CVE-2026-21523 HIGH
Microsoft Visual Studio Code < 1.109.2 - TOCTOU Race Condition
Feb 10, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-21522 MEDIUM
Microsoft Confcom < 1.2.8 - Command Injection
Feb 10, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-21519 HIGHKEV
Microsoft Windows 10 1607 < 10.0.14393.8868 - Type Confusion
Feb 10, 2026
CVSS 7.8
EPSS 0.03
CVE-2026-21518 HIGH
Microsoft Visual Studio Code < 1.109.2 - Command Injection
Feb 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-21517 MEDIUM
Windows App for Mac - Privilege Escalation
Feb 10, 2026
CVSS 4.7
EPSS 0.00
CVE-2026-21516 HIGH
Microsoft Github Copilot < 1.5.63-243 - Command Injection
Feb 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-21514 HIGHKEV
Microsoft Office Word - Info Disclosure
Feb 10, 2026
CVSS 7.8
EPSS 0.05
CVE-2026-21513 HIGHKEV
MSHTML Framework - Auth Bypass
Feb 10, 2026
CVSS 8.8
EPSS 0.05
CVE-2026-21512 MEDIUM
Microsoft Azure Devops Server < 2022.2.0 - SSRF
Feb 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-21511 HIGH
Microsoft 365 Apps < 16.0.19127.20518 - Insecure Deserialization
Feb 10, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-21510 HIGHKEV
Windows Shell < unknown - Privilege Escalation
Feb 10, 2026
CVSS 8.8
EPSS 0.03
CVE-2026-21508 HIGH
Microsoft Windows 10 1607 < 10.0.14393.8868 - Authentication Bypass
Feb 10, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-21261 MEDIUM
Microsoft Office Excel - Info Disclosure
Feb 10, 2026
CVSS 5.5
EPSS 0.00
Products
windows_server_2016 4,446 windows_server_2019 4,154 windows_server_2012 3,694 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,497 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,753 windows_10_21h2 1,741 windows_10_22h2 1,739 windows_11_22h2 1,651 internet_explorer 1,635 windows_10_1607 1,509 windows_server_2022_23h2 1,460 windows_11_23h2 1,350 windows_10_1507 1,230 windows_11_24h2 1,025 windows_11_21h2 1,001 office 999 windows_server_2025 979 windows_vista 828 edge 753 windows_xp 739 windows_11 573 windows_2000 515 sharepoint_server 464 windows_server_2003 456 365_apps 438
Quick Filters
Critical CVEs With Exploits In CISA KEV