microsoft

14,170 tracked vulnerabilities.

CVE-2026-34054 HIGH
openssl on Windows built with openssldir set from the build machine (Uncontrolled Search Path Element)
Mar 31, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-32194 CRITICAL
Microsoft Bing Images Remote Code Execution Vulnerability
Mar 19, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-32191 CRITICAL
Microsoft Bing Images Remote Code Execution Vulnerability
Mar 19, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-32169 CRITICAL
Azure Cloud Shell Elevation of Privilege Vulnerability
Mar 19, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-26139 HIGH
Microsoft Purview Elevation of Privilege Vulnerability
Mar 19, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-26138 HIGH
Microsoft Purview Elevation of Privilege Vulnerability
Mar 19, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-26137 CRITICAL
Microsoft 365 Copilot BizChat Elevation of Privilege Vulnerability
Mar 19, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-26136 MEDIUM
Microsoft Copilot Information Disclosure Vulnerability
Mar 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-26120 MEDIUM
Microsoft Bing Tampering Vulnerability
Mar 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-24299 MEDIUM
M365 Copilot Information Disclosure Vulnerability
Mar 19, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-23659 HIGH
Azure Data Factory Information Disclosure Vulnerability
Mar 19, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-23658 HIGH
Azure DevOps: msazure Elevation of Privilege Vulnerability
Mar 19, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-25667 HIGH
.NET 8.0.0-8.0.21 and 9.0.0-9.0.10 - Uncontrolled Resource Consumption via Crafted QUIC Packet
Mar 19, 2026
CVSS 7.5
EPSS 0.06
CVE-2026-26133 HIGH
M365 Copilot Information Disclosure Vulnerability
Mar 16, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-0385 MEDIUM
Microsoft Edge (Chromium-based) for Android - Spoofing
Mar 16, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-26123 MEDIUM
Microsoft Authenticator - Info Disclosure
Mar 10, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-26148 HIGH
Azure Entra ID - Privilege Escalation
Mar 10, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-26144 HIGH
Microsoft 365 Apps for Enterprise - Cross-Site Scripting in Excel
Mar 10, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-26141 HIGH
Azure Automation Hybrid Worker Windows Extension < 1.3.74 - Privilege Escalation via Improper Authentication
Mar 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-26134 HIGH
Microsoft Office - Privilege Escalation
Mar 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-26132 HIGH
Windows Kernel - Privilege Escalation
Mar 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-26131 HIGH
.NET 10.0 < 10.0.4 - Authenticated Privilege Escalation via Incorrect Default Permissions
Mar 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-26130 HIGH
Microsoft.AspNetCore.App.Runtime 8.0.0-8.0.24 - Unauthenticated Denial of Service
Mar 10, 2026
CVSS 7.5
EPSS 0.04
CVE-2026-26128 HIGH
Windows SMB Server - Privilege Escalation
Mar 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-26127 HIGH
.NET - DoS
Mar 10, 2026
CVSS 7.5
EPSS 0.00
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 477 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV