microsoft
14,453 tracked vulnerabilities.
CVE-2026-45492
MEDIUM
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
May 18, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-42822
CRITICAL
Azure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability
May 18, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-46383
MEDIUM
Microsoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`
May 15, 2026
CVSS 5.5
EPSS 0.01
CVE-2026-45539
HIGH
Microsoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree
May 15, 2026
CVSS 7.4
EPSS 0.01
CVE-2026-44641
HIGH
Microsoft APM: plugin.json component paths escape plugin root and copy arbitrary host files during install
May 15, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-42897
HIGH
KEV
Microsoft Exchange Server Spoofing Vulnerability
May 14, 2026
CVSS 8.1
EPSS 0.06
CVE-2026-41615
CRITICAL
Microsoft Authenticator Information Disclosure Vulnerability
May 14, 2026
CVSS 9.6
EPSS 0.01
CVE-2026-44503
HIGH
Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect
May 14, 2026
EPSS 0.01
CVE-2026-42899
HIGH
Microsoft ASP.NET Core - Infinite Loop Denial of Service
May 12, 2026
CVSS 7.5
EPSS 0.02
CVE-2026-42898
CRITICAL
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
May 12, 2026
CVSS 9.9
EPSS 0.01
CVE-2026-42896
HIGH
Microsoft Windows 11 Version 24H2 - Windows DWM Core Library Elevation of Privilege Vulnerability
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-42893
HIGH
Microsoft Outlook for iOS Tampering Vulnerability
May 12, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-42891
MEDIUM
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
May 12, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-42838
MEDIUM
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
May 12, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-42833
CRITICAL
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
May 12, 2026
CVSS 9.1
EPSS 0.01
CVE-2026-42832
HIGH
Microsoft Office Spoofing Vulnerability
May 12, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-42831
HIGH
Microsoft Office Remote Code Execution Vulnerability
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-42830
MEDIUM
Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability
May 12, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-42825
HIGH
Microsoft Windows 10 Version 1607 - Windows Telephony Service Elevation of Privilege Vulnerability
May 12, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-42823
CRITICAL
Azure Logic Apps Elevation of Privilege Vulnerability
May 12, 2026
CVSS 9.9
EPSS 0.01
CVE-2026-41614
MEDIUM
M365 Copilot for Desktop Spoofing Vulnerability
May 12, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-41613
HIGH
Visual Studio Code Elevation of Privilege Vulnerability
May 12, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-41612
MEDIUM
Visual Studio Code Information Disclosure Vulnerability
May 12, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-41611
HIGH
Visual Studio Code Remote Code Execution Vulnerability
May 12, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-41610
MEDIUM
Visual Studio Code Security Feature Bypass Vulnerability
May 12, 2026
CVSS 6.3
EPSS 0.01
Products
windows_server_2016 4,686
windows_server_2019 4,438
windows_server_2012 3,891
windows_server_2008 3,554
windows_10 2,974
windows_server_2022 2,813
windows_7 2,368
windows_8.1 2,216
windows_10_21h2 2,031
windows_10_22h2 2,029
windows_10_1809 2,024
windows_rt_8.1 2,020
windows_10_1607 1,735
windows_server_2022_23h2 1,676
windows_11_23h2 1,657
windows_11_22h2 1,652
internet_explorer 1,635
windows_11_24h2 1,349
windows_server_2025 1,314
windows_10_1507 1,230
office 1,033
windows_11_21h2 1,001
windows_vista 828
edge 756
windows_xp 739
Windows 11 Version 24H2 708
Windows Server 2019 689
Windows Server 2022 689
Windows Server 2019 (Server Core installation) 687
Windows Server 2025 670
Quick Filters