microsoft
15,023 tracked vulnerabilities.
CVE-2026-20815
HIGH
Capability Access Management Service - Privilege Escalation
Jan 13, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-20814
HIGH
Graphics Kernel - Privilege Escalation
Jan 13, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-20812
MEDIUM
Windows LDAP - Lightweight Directory Access Protocol - Info Disclosure
Jan 13, 2026
CVSS 6.5
EPSS 0.01
CVE-2026-20811
HIGH
Windows Win32K - ICOMP - Privilege Escalation
Jan 13, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-20810
HIGH
Windows Ancillary Function Driver - Privilege Escalation
Jan 13, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-20809
HIGH
Windows Kernel Memory - Privilege Escalation
Jan 13, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-20808
HIGH
Printer Association Object - Privilege Escalation
Jan 13, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-20805
MEDIUM
KEV
Desktop Windows Manager - Info Disclosure
Jan 13, 2026
CVSS 5.5
EPSS 0.05
CVE-2026-20804
HIGH
Windows Hello < Privilege Escalation
Jan 13, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-20803
HIGH
Microsoft SQL Server 2022 and 2025 - Missing Authentication for Critical Function
Jan 13, 2026
CVSS 7.2
EPSS 0.01
CVE-2026-0386
HIGH
Windows Server 2008-2025 - Unauthenticated Remote Code Execution via Deployment Services
Jan 13, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-66389
HIGH
GitHub Copilot 1.372.0 - Unauthenticated Filesystem Access via File-Handler URI Parameter
Jun 22, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-62821
CRITICAL
Microsoft HEIF Image Extensions 1.2.22.0 - Out-of-Bounds Read via CHEIFItemInfoEntry_GetDataSize
Jun 19, 2026
CVSS 9.1
EPSS 0.01
CVE-2025-62224
MEDIUM
Microsoft Edge for Android - Spoofing
Jan 07, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-9611
HIGH
Microsoft Playwright MCP Server <0.0.40 - SSRF
Jan 07, 2026
EPSS 0.01
CVE-2025-64675
HIGH
Azure Cosmos DB - Cross-Site Scripting
Dec 19, 2025
CVSS 8.3
EPSS 0.01
CVE-2025-65046
LOW
Microsoft Edge Chromium < 143.0.3650.88 - Spoofing
Dec 18, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-65041
CRITICAL
Microsoft Partner Center - Unauthenticated Privilege Escalation
Dec 18, 2025
CVSS 10.0
EPSS 0.01
CVE-2025-65037
CRITICAL
Azure Container Apps - Remote Code Execution
Dec 18, 2025
CVSS 10.0
EPSS 0.01
CVE-2025-64677
HIGH
Office Out-of-Box Experience - Cross-Site Scripting
Dec 18, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-64676
HIGH
Microsoft Purview - Path Traversal and Remote Code Execution via '.../...//'
Dec 18, 2025
CVSS 7.2
EPSS 0.01
CVE-2025-64663
CRITICAL
Azure Cognitive Service for Language - Server-Side Request Forgery
Dec 18, 2025
CVSS 9.9
EPSS 0.01
CVE-2025-14174
HIGH
KEV
Google Chrome <143.0.7499.110 - Memory Corruption
Dec 12, 2025
CVSS 8.8
EPSS 0.23
CVE-2025-64669
HIGH
Windows Admin Center < 2511 and 1809.0-2.6.5.16 - Authenticated Privilege Escalation
Dec 11, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-64680
HIGH
Windows 10/11, Server 2016 - Privilege Escalation via DWM Core Library Heap Overflow
Dec 09, 2025
CVSS 7.8
EPSS 0.00
Products
windows_server_2016 4,687
windows_server_2019 4,439
windows_server_2012 3,892
windows_server_2008 3,554
windows_10 2,974
windows_server_2022 2,814
windows_7 2,368
windows_8.1 2,216
windows_10_21h2 2,031
windows_10_22h2 2,029
windows_10_1809 2,025
windows_rt_8.1 2,020
windows_10_1607 1,736
windows_server_2022_23h2 1,676
windows_11_23h2 1,657
windows_11_22h2 1,652
internet_explorer 1,635
windows_11_24h2 1,349
windows_server_2025 1,315
windows_10_1507 1,230
Windows 11 Version 24H2 1,086
Windows Server 2025 1,058
Windows Server 2025 (Server Core installation) 1,058
office 1,034
Windows Server 2022 1,014
windows_11_21h2 1,001
Windows Server 2019 1,000
Windows Server 2019 (Server Core installation) 997
Windows 10 Version 21H2 961
Windows 10 Version 22H2 958
Quick Filters