microsoft

14,170 tracked vulnerabilities.

CVE-2025-59252 CRITICAL
Microsoft 365 Word Copilot - Command Injection
Oct 09, 2025
CVSS 9.3
EPSS 0.00
CVE-2025-59247 HIGH
Azure PlayFab - Improper Privilege Management
Oct 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-59246 CRITICAL
Azure Entra ID - Elevation of Privilege via Missing Authentication
Oct 09, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-59218 CRITICAL
Azure Entra ID - Elevation of Privilege
Oct 09, 2025
CVSS 9.6
EPSS 0.00
CVE-2025-55321 CRITICAL
Azure Monitor - Cross-Site Scripting
Oct 09, 2025
CVSS 9.3
EPSS 0.00
CVE-2025-59251 HIGH
Microsoft Edge Chromium < 140.0.3485.81 - Remote Code Execution
Sep 24, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-55322 HIGH
Microsoft OmniParser 2.0.1 - Unrestricted IP Binding Code Execution
Sep 24, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-59220 HIGH
Windows 10/11, Server 2022/2025 - Privilege Escalation via Bluetooth Race Condition
Sep 18, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-59216 HIGH
Windows 11 24H2 / Server 2025 < 10.0.26100.6508 Privilege Escalation via Graphics Race Condition
Sep 18, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-59215 HIGH
Windows 11 24H2 and Windows Server 2025 < 10.0.26100.6508 - Authenticated Use-After-Free in Graphics Component
Sep 18, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-49728 MEDIUM
Microsoft PC Manager < 3.18.0.0 - Cleartext Storage of Sensitive Information
Sep 16, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-47967 MEDIUM
Microsoft Edge for Android < 140.0.3485.71 - Spoofing via Insufficient UI Warning
Sep 16, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-55319 HIGH
Agentic AI & VSCode - Command Injection
Sep 12, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-55317 HIGH
Microsoft AutoUpdate - Privilege Escalation
Sep 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-55316 HIGH
Azure Connected Machine Agent < 1.56 - Authenticated Privilege Escalation via External Control of File Name or Path
Sep 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-55245 HIGH
Xbox Gaming Services < 30.104.13001.0 - Authenticated Privilege Escalation via Improper Link Resolution
Sep 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-55243 HIGH
Microsoft Office Plus - Info Disclosure
Sep 09, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-55236 HIGH
Windows 10/11, Server 2019/2022/2025 - Local Code Execution via Graphics Kernel TOCTOU
Sep 09, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-55234 HIGH
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2008 - SMB Server Relay Attack via Improper Authentication
Sep 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-55232 CRITICAL
Microsoft HPC Pack < 6.3.8352 - Remote Code Execution via Untrusted Data Deserialization
Sep 09, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-55228 HIGH
Windows 10/11, Server 2022/2025 Win32K GRFX Race Condition Local Code Execution
Sep 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-55227 HIGH
SQL Server 2016-2022 Authenticated Command Injection
Sep 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-55226 MEDIUM
Graphics Kernel - Local Code Execution
Sep 09, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-55225 MEDIUM
Windows Server 2008-2025 Unauthenticated OOB Read in RRAS
Sep 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-55224 HIGH
Microsoft Windows Win32K - GRFX Race Condition Local Code Execution
Sep 09, 2025
CVSS 7.8
EPSS 0.00
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 477 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV