microsoft

14,453 tracked vulnerabilities.

CVE-2026-45492 MEDIUM
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
May 18, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-42822 CRITICAL
Azure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability
May 18, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-46383 MEDIUM
Microsoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`
May 15, 2026
CVSS 5.5
EPSS 0.01
CVE-2026-45539 HIGH
Microsoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree
May 15, 2026
CVSS 7.4
EPSS 0.01
CVE-2026-44641 HIGH
Microsoft APM: plugin.json component paths escape plugin root and copy arbitrary host files during install
May 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-42897 HIGH KEV
Microsoft Exchange Server Spoofing Vulnerability
May 14, 2026
CVSS 8.1
EPSS 0.06
CVE-2026-41615 CRITICAL
Microsoft Authenticator Information Disclosure Vulnerability
May 14, 2026
CVSS 9.6
EPSS 0.01
CVE-2026-44503 HIGH
Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect
May 14, 2026
EPSS 0.01
CVE-2026-42899 HIGH
Microsoft ASP.NET Core - Infinite Loop Denial of Service
May 12, 2026
CVSS 7.5
EPSS 0.02
CVE-2026-42898 CRITICAL
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
May 12, 2026
CVSS 9.9
EPSS 0.01
CVE-2026-42896 HIGH
Microsoft Windows 11 Version 24H2 - Windows DWM Core Library Elevation of Privilege Vulnerability
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-42893 HIGH
Microsoft Outlook for iOS Tampering Vulnerability
May 12, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-42891 MEDIUM
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
May 12, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-42838 MEDIUM
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
May 12, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-42833 CRITICAL
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
May 12, 2026
CVSS 9.1
EPSS 0.01
CVE-2026-42832 HIGH
Microsoft Office Spoofing Vulnerability
May 12, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-42831 HIGH
Microsoft Office Remote Code Execution Vulnerability
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-42830 MEDIUM
Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability
May 12, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-42825 HIGH
Microsoft Windows 10 Version 1607 - Windows Telephony Service Elevation of Privilege Vulnerability
May 12, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-42823 CRITICAL
Azure Logic Apps Elevation of Privilege Vulnerability
May 12, 2026
CVSS 9.9
EPSS 0.01
CVE-2026-41614 MEDIUM
M365 Copilot for Desktop Spoofing Vulnerability
May 12, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-41613 HIGH
Visual Studio Code Elevation of Privilege Vulnerability
May 12, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-41612 MEDIUM
Visual Studio Code Information Disclosure Vulnerability
May 12, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-41611 HIGH
Visual Studio Code Remote Code Execution Vulnerability
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-41610 MEDIUM
Visual Studio Code Security Feature Bypass Vulnerability
May 12, 2026
CVSS 6.3
EPSS 0.01