microsoft
14,170 tracked vulnerabilities.
CVE-2026-20815
HIGH
Capability Access Management Service - Privilege Escalation
Jan 13, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-20814
HIGH
Graphics Kernel - Privilege Escalation
Jan 13, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-20812
MEDIUM
Windows LDAP - Lightweight Directory Access Protocol - Info Disclosure
Jan 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-20811
HIGH
Windows Win32K - ICOMP - Privilege Escalation
Jan 13, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-20810
HIGH
Windows Ancillary Function Driver - Privilege Escalation
Jan 13, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-20809
HIGH
Windows Kernel Memory - Privilege Escalation
Jan 13, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-20808
HIGH
Printer Association Object - Privilege Escalation
Jan 13, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-20805
MEDIUM
KEV
Desktop Windows Manager - Info Disclosure
Jan 13, 2026
CVSS 5.5
EPSS 0.03
CVE-2026-20804
HIGH
Windows Hello < Privilege Escalation
Jan 13, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-20803
HIGH
Microsoft SQL Server 2022 and 2025 - Missing Authentication for Critical Function
Jan 13, 2026
CVSS 7.2
EPSS 0.00
CVE-2026-0386
HIGH
Windows Server 2008-2025 - Unauthenticated Remote Code Execution via Deployment Services
Jan 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-62224
MEDIUM
Microsoft Edge for Android - Spoofing
Jan 07, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-9611
HIGH
Microsoft Playwright MCP Server <0.0.40 - SSRF
Jan 07, 2026
EPSS 0.00
CVE-2025-64675
HIGH
Azure Cosmos DB - Cross-Site Scripting
Dec 19, 2025
CVSS 8.3
EPSS 0.00
CVE-2025-65046
LOW
Microsoft Edge Chromium < 143.0.3650.88 - Spoofing
Dec 18, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-65041
CRITICAL
Microsoft Partner Center - Unauthenticated Privilege Escalation
Dec 18, 2025
CVSS 10.0
EPSS 0.00
CVE-2025-65037
CRITICAL
Azure Container Apps - Remote Code Execution
Dec 18, 2025
CVSS 10.0
EPSS 0.00
CVE-2025-64677
HIGH
Office Out-of-Box Experience - Cross-Site Scripting
Dec 18, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-64676
HIGH
Microsoft Purview - Path Traversal and Remote Code Execution via '.../...//'
Dec 18, 2025
CVSS 7.2
EPSS 0.00
CVE-2025-64663
CRITICAL
Azure Cognitive Service for Language - Server-Side Request Forgery
Dec 18, 2025
CVSS 9.9
EPSS 0.00
CVE-2025-14174
HIGH
KEV
Google Chrome <143.0.7499.110 - Memory Corruption
Dec 12, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-64669
HIGH
Windows Admin Center < 2511 and 1809.0-2.6.5.16 - Authenticated Privilege Escalation
Dec 11, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-64680
HIGH
Windows 10/11, Server 2016 - Privilege Escalation via DWM Core Library Heap Overflow
Dec 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-64679
HIGH
Windows DWM Core Library - Authenticated Heap-based Buffer Overflow
Dec 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-64678
HIGH
Windows 10 1607-22H2, Windows 11 23H2-25H2, Windows Server 2008-2016 - Remote Code Execution via RRAS Heap Overflow
Dec 09, 2025
CVSS 8.8
EPSS 0.00
Products
windows_server_2016 4,606
windows_server_2019 4,345
windows_server_2012 3,825
windows_server_2008 3,554
windows_10 2,974
windows_server_2022 2,699
windows_7 2,368
windows_8.1 2,216
windows_rt_8.1 2,020
windows_10_1809 1,935
windows_10_21h2 1,934
windows_10_22h2 1,932
windows_server_2022_23h2 1,666
windows_10_1607 1,658
windows_11_22h2 1,651
internet_explorer 1,635
windows_11_23h2 1,548
windows_11_24h2 1,234
windows_10_1507 1,230
windows_server_2025 1,195
office 1,032
windows_11_21h2 1,001
windows_vista 828
edge 756
windows_xp 739
windows_11 573
windows_2000 515
windows_11_25h2 502
sharepoint_server 477
365_apps 472
Quick Filters