microsoft
15,023 tracked vulnerabilities.
CVE-2026-26030
CRITICAL
Microsoft Semantic Kernel <1.39.4 - RCE
Feb 19, 2026
CVSS 9.9
EPSS 0.03
CVE-2026-26119
HIGH
Windows Admin Center - Privilege Escalation
Feb 17, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-0102
LOW
Microsoft Edge Chromium < 145.0.3800.58 - Unauthorized Autofill Data Exposure via Consecutive Taps
Feb 17, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-23655
MEDIUM
Azure Compute Gallery - Info Disclosure
Feb 10, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-21537
HIGH
Microsoft Defender for Endpoint for Linux 101.0.0-1.0.8.9 - Unauthenticated Remote Code Execution
Feb 10, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-21533
HIGH
KEV
Windows 10/11 Remote Desktop Authenticated Privilege Escalation
Feb 10, 2026
CVSS 7.8
EPSS 0.04
CVE-2026-21531
CRITICAL
Azure Conversation Authoring Client Library - Remote Code Execution via Untrusted Data Deserialization
Feb 10, 2026
CVSS 9.8
EPSS 0.02
CVE-2026-21529
MEDIUM
Azure HDInsight < 5.1 - Cross-Site Scripting
Feb 10, 2026
CVSS 5.7
EPSS 0.01
CVE-2026-21528
MEDIUM
Azure IoT Explorer < 0.15.13 - Unauthenticated Information Disclosure via Unrestricted IP Binding
Feb 10, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-21527
MEDIUM
Microsoft Exchange Server - Info Disclosure
Feb 10, 2026
CVSS 6.5
EPSS 0.08
CVE-2026-21525
MEDIUM
KEV
Windows Remote Access Connection Manager - Unauthenticated Denial of Service via Null Pointer Dereference
Feb 10, 2026
CVSS 6.2
EPSS 0.05
CVE-2026-21523
HIGH
Visual Studio Code < 1.109.2 and 1.110.1 - Authenticated Remote Code Execution via TOCTOU Race Condition
Feb 10, 2026
CVSS 8.0
EPSS 0.01
CVE-2026-21522
MEDIUM
Microsoft Confcom < 1.2.8 - Authenticated Command Injection
Feb 10, 2026
CVSS 6.7
EPSS 0.00
CVE-2026-21519
HIGH
KEV
Windows 10/11 Privilege Escalation via Desktop Window Manager Type Confusion
Feb 10, 2026
CVSS 7.8
EPSS 0.02
CVE-2026-21518
HIGH
Visual Studio Code < 1.109.2 and 1.110.1 - Command Injection via GitHub Copilot Chat Extension
Feb 10, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-21517
MEDIUM
Windows App for Mac - Privilege Escalation
Feb 10, 2026
CVSS 4.7
EPSS 0.00
CVE-2026-21516
HIGH
GitHub Copilot < 1.5.63 - Unauthenticated Remote Code Execution
Feb 10, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-21514
HIGH
KEV
Microsoft Office Word - Info Disclosure
Feb 10, 2026
CVSS 7.8
EPSS 0.02
CVE-2026-21513
HIGH
KEV
Windows MSHTML Security Feature Bypass (10, 11, 23H2, 24H2)
Feb 10, 2026
CVSS 8.8
EPSS 0.15
CVE-2026-21512
MEDIUM
Azure DevOps Server < 2022.2.0 - Server-Side Request Forgery
Feb 10, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-21511
HIGH
Microsoft 365 Apps and Office - Spoofing via Untrusted Data Deserialization
Feb 10, 2026
CVSS 7.5
EPSS 0.04
CVE-2026-21510
HIGH
KEV
Microsoft Windows Shell - Protection Mechanism Failure
Feb 10, 2026
CVSS 8.8
EPSS 0.26
CVE-2026-21508
HIGH
Windows 10/11 Privilege Escalation via Untrusted Search Path
Feb 10, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-21261
MEDIUM
Microsoft Office Excel - Info Disclosure
Feb 10, 2026
CVSS 5.5
EPSS 0.01
CVE-2026-21260
HIGH
Microsoft Office Outlook - Info Disclosure
Feb 10, 2026
CVSS 7.5
EPSS 0.01
Products
windows_server_2016 4,687
windows_server_2019 4,439
windows_server_2012 3,892
windows_server_2008 3,554
windows_10 2,974
windows_server_2022 2,814
windows_7 2,368
windows_8.1 2,216
windows_10_21h2 2,031
windows_10_22h2 2,029
windows_10_1809 2,025
windows_rt_8.1 2,020
windows_10_1607 1,736
windows_server_2022_23h2 1,676
windows_11_23h2 1,657
windows_11_22h2 1,652
internet_explorer 1,635
windows_11_24h2 1,349
windows_server_2025 1,315
windows_10_1507 1,230
Windows 11 Version 24H2 1,086
Windows Server 2025 1,058
Windows Server 2025 (Server Core installation) 1,058
office 1,034
Windows Server 2022 1,014
windows_11_21h2 1,001
Windows Server 2019 1,000
Windows Server 2019 (Server Core installation) 997
Windows 10 Version 21H2 961
Windows 10 Version 22H2 958
Quick Filters