microsoft
14,453 tracked vulnerabilities.
CVE-2026-46538
MEDIUM
Microsoft UFO accepts cross-device TASK_END messages by session_id only, allowing peer task-result injection
May 27, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-46416
MEDIUM
Microsoft UFO shared WebSocket handler state causes cross-client response hijacking
May 27, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-46414
HIGH
Microsoft UFO WebSocket role spoofing allows authenticated peer task hijacking
May 27, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-46402
HIGH
Microsoft UFO uses untrusted task_name in log paths, allowing authenticated path traversal and log file creation outside the logs directory
May 27, 2026
CVSS 8.1
EPSS 0.01
CVE-2026-45322
HIGH
OS Command Injection in Microsoft UFO Shell Action Replay via Stored Session JSON
May 27, 2026
CVSS 7.8
EPSS 0.02
CVE-2026-47280
CRITICAL
Azure Resource Manager Elevation of Privilege Vulnerability
May 22, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-45659
HIGH
KEV
Microsoft SharePoint Remote Code Execution Vulnerability
May 22, 2026
CVSS 8.8
EPSS 0.03
CVE-2026-42901
CRITICAL
Microsoft Entra ID Elevation of Privilege Vulnerability
May 22, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-42827
MEDIUM
M365 Copilot Information Disclosure Vulnerability
May 22, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-41104
CRITICAL
Microsoft Planetary Computer Pro Information Disclosure Vulnerability
May 22, 2026
CVSS 10.0
EPSS 0.01
CVE-2026-41090
CRITICAL
Microsoft Copilot Tampering Vulnerability
May 22, 2026
CVSS 9.3
EPSS 0.00
CVE-2026-40412
CRITICAL
Azure Orbital Spatio Remote Code Execution Vulnerability
May 22, 2026
CVSS 10.0
EPSS 0.01
CVE-2026-40411
CRITICAL
Azure Virtual Network Gateway Remote Code Execution Vulnerability
May 22, 2026
CVSS 9.9
EPSS 0.01
CVE-2026-35430
HIGH
Azure Privileged Identity Management (PIM) Elevation of Privilege Vulnerability
May 22, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-33843
CRITICAL
Microsoft Azure Active Directory B2C Elevation of Privilege Vulnerability
May 22, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-26147
HIGH
Azure Stack HCI Information Disclosure Vulnerability
May 22, 2026
CVSS 7.7
EPSS 0.01
CVE-2026-23663
HIGH
Microsoft Global Secure Access (GSA) Information Disclosure Vulnerability
May 22, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-23652
CRITICAL
Microsoft Power Pages Remote Code Execution Vulnerability
May 22, 2026
CVSS 10.0
EPSS 0.01
CVE-2026-45584
HIGH
Microsoft Defender Remote Code Execution Vulnerability
May 20, 2026
CVSS 8.1
EPSS 0.01
CVE-2026-45498
MEDIUM
KEV
Microsoft Defender Denial of Service Vulnerability
May 20, 2026
CVSS 4.0
EPSS 0.63
CVE-2026-42834
HIGH
Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability
May 20, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-41091
HIGH
KEV
Microsoft Defender Elevation of Privilege Vulnerability
May 20, 2026
CVSS 7.8
EPSS 0.08
CVE-2026-45585
MEDIUM
Microsoft Windows 11 Version 24H2 - Windows BitLocker Security Feature Bypass Vulnerability
May 20, 2026
CVSS 6.8
EPSS 0.01
CVE-2026-45495
HIGH
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
May 18, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-45494
MEDIUM
Microsoft Edge (Chromium-based) Spoofing Vulnerability
May 18, 2026
CVSS 5.4
EPSS 0.00
Products
windows_server_2016 4,686
windows_server_2019 4,438
windows_server_2012 3,891
windows_server_2008 3,554
windows_10 2,974
windows_server_2022 2,813
windows_7 2,368
windows_8.1 2,216
windows_10_21h2 2,031
windows_10_22h2 2,029
windows_10_1809 2,024
windows_rt_8.1 2,020
windows_10_1607 1,735
windows_server_2022_23h2 1,676
windows_11_23h2 1,657
windows_11_22h2 1,652
internet_explorer 1,635
windows_11_24h2 1,349
windows_server_2025 1,314
windows_10_1507 1,230
office 1,033
windows_11_21h2 1,001
windows_vista 828
edge 756
windows_xp 739
Windows 11 Version 24H2 708
Windows Server 2019 689
Windows Server 2022 689
Windows Server 2019 (Server Core installation) 687
Windows Server 2025 670
Quick Filters