microsoft

15,023 tracked vulnerabilities.

CVE-2026-41108 HIGH
Microsoft Windows 10 Version 1607 - Windows DNS Client Elevation of Privilege Vulnerability
Jun 09, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-41098 HIGH
Azure Stack Edge Spoofing Vulnerability
Jun 09, 2026
CVSS 8.4
EPSS 0.01
CVE-2026-41092 HIGH
Microsoft Kinect Elevation of Privilege Vulnerability
Jun 09, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-40409 HIGH
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
Jun 09, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-40404 HIGH
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
Jun 09, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-40376 HIGH
Visual Studio Code Elevation of Privilege Vulnerability
Jun 09, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-40371 HIGH
Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability
Jun 09, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-34335 HIGH
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Jun 09, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-33828 HIGH
Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability
Jun 09, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-33113 MEDIUM
Microsoft SharePoint Server Spoofing Vulnerability
Jun 09, 2026
CVSS 5.4
EPSS 0.01
CVE-2026-32193 HIGH
Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability
Jun 09, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-26142 CRITICAL
Nuance PowerScribe Remote Code Execution Vulnerability
Jun 09, 2026
CVSS 9.8
EPSS 0.02
CVE-2026-48579 CRITICAL
Microsoft Exchange Online Information Disclosure Vulnerability
Jun 04, 2026
CVSS 9.1
EPSS 0.01
CVE-2026-48567 CRITICAL
Azure HorizonDB Elevation of Privilege Vulnerability
Jun 04, 2026
CVSS 10.0
EPSS 0.01
CVE-2026-47655 MEDIUM
Microsoft Graph Information Disclosure Vulnerability
Jun 04, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-47644 MEDIUM
Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
Jun 04, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-45497 HIGH
Microsoft M365 Copilot Remote Code Execution Vulnerability
Jun 04, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-42824 MEDIUM
M365 Copilot Information Disclosure Vulnerability
Jun 04, 2026
CVSS 6.5
EPSS 0.08
CVE-2026-47294 HIGH
Microsoft Office SharePoint - Remote Code Execution via Untrusted Data Deserialization
Jun 01, 2026
CVSS 8.0
EPSS 0.01
CVE-2026-46544 MEDIUM
Microsoft UFO reuses client-supplied WebSocket session IDs and replays stale task results to new authenticated requesters
May 27, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-46538 MEDIUM
Microsoft UFO accepts cross-device TASK_END messages by session_id only, allowing peer task-result injection
May 27, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-46416 MEDIUM
Microsoft UFO shared WebSocket handler state causes cross-client response hijacking
May 27, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-46414 HIGH
Microsoft UFO WebSocket role spoofing allows authenticated peer task hijacking
May 27, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-46402 HIGH
Microsoft UFO uses untrusted task_name in log paths, allowing authenticated path traversal and log file creation outside the logs directory
May 27, 2026
CVSS 8.1
EPSS 0.01
CVE-2026-45322 HIGH
OS Command Injection in Microsoft UFO Shell Action Replay via Stored Session JSON
May 27, 2026
CVSS 7.8
EPSS 0.02