microsoft
15,023 tracked vulnerabilities.
CVE-2025-59272
CRITICAL
Microsoft 365 Copilot Chat - Information Disclosure via Command Injection
Oct 09, 2025
CVSS 9.3
EPSS 0.01
CVE-2025-59271
HIGH
Azure Cache for Redis - Improper Authorization
Oct 09, 2025
CVSS 8.7
EPSS 0.01
CVE-2025-59252
CRITICAL
Microsoft 365 Word Copilot - Command Injection
Oct 09, 2025
CVSS 9.3
EPSS 0.01
CVE-2025-59247
HIGH
Azure PlayFab - Improper Privilege Management
Oct 09, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-59246
CRITICAL
Azure Entra ID - Elevation of Privilege via Missing Authentication
Oct 09, 2025
CVSS 9.8
EPSS 0.07
CVE-2025-59218
CRITICAL
Azure Entra ID - Elevation of Privilege
Oct 09, 2025
CVSS 9.6
EPSS 0.01
CVE-2025-55321
CRITICAL
Azure Monitor - Cross-Site Scripting
Oct 09, 2025
CVSS 9.3
EPSS 0.00
CVE-2025-59251
HIGH
Microsoft Edge Chromium < 140.0.3485.81 - Remote Code Execution
Sep 24, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-55322
HIGH
Microsoft OmniParser 2.0.1 - Unrestricted IP Binding Code Execution
Sep 24, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-59220
HIGH
Windows 10/11, Server 2022/2025 - Privilege Escalation via Bluetooth Race Condition
Sep 18, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-59216
HIGH
Windows 11 24H2 / Server 2025 < 10.0.26100.6508 Privilege Escalation via Graphics Race Condition
Sep 18, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-59215
HIGH
Windows 11 24H2 and Windows Server 2025 < 10.0.26100.6508 - Authenticated Use-After-Free in Graphics Component
Sep 18, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-49728
MEDIUM
Microsoft PC Manager < 3.18.0.0 - Cleartext Storage of Sensitive Information
Sep 16, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-47967
MEDIUM
Microsoft Edge for Android < 140.0.3485.71 - Spoofing via Insufficient UI Warning
Sep 16, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-55319
HIGH
Agentic AI & VSCode - Command Injection
Sep 12, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-55317
HIGH
Microsoft AutoUpdate - Privilege Escalation
Sep 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-55316
HIGH
Azure Connected Machine Agent < 1.56 - Authenticated Privilege Escalation via External Control of File Name or Path
Sep 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-55245
HIGH
Xbox Gaming Services < 30.104.13001.0 - Authenticated Privilege Escalation via Improper Link Resolution
Sep 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-55243
HIGH
Microsoft Office Plus - Info Disclosure
Sep 09, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-55236
HIGH
Windows 10/11, Server 2019/2022/2025 - Local Code Execution via Graphics Kernel TOCTOU
Sep 09, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-55234
HIGH
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2008 - SMB Server Relay Attack via Improper Authentication
Sep 09, 2025
CVSS 8.8
EPSS 0.19
CVE-2025-55232
CRITICAL
Microsoft HPC Pack < 6.3.8352 - Remote Code Execution via Untrusted Data Deserialization
Sep 09, 2025
CVSS 9.8
EPSS 0.02
CVE-2025-55228
HIGH
Windows 10/11, Server 2022/2025 Win32K GRFX Race Condition Local Code Execution
Sep 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-55227
HIGH
SQL Server 2016-2022 Authenticated Command Injection
Sep 09, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-55226
MEDIUM
Graphics Kernel - Local Code Execution
Sep 09, 2025
CVSS 6.7
EPSS 0.00
Products
windows_server_2016 4,690
windows_server_2019 4,443
windows_server_2012 3,894
windows_server_2008 3,554
windows_10 2,974
windows_server_2022 2,818
windows_7 2,368
windows_8.1 2,216
windows_10_21h2 2,035
windows_10_22h2 2,033
windows_10_1809 2,029
windows_rt_8.1 2,020
windows_10_1607 1,739
windows_server_2022_23h2 1,676
windows_11_23h2 1,657
windows_11_22h2 1,652
internet_explorer 1,635
windows_11_24h2 1,354
windows_server_2025 1,320
windows_10_1507 1,230
Windows 11 Version 24H2 1,086
Windows Server 2025 1,058
Windows Server 2025 (Server Core installation) 1,058
office 1,034
Windows Server 2022 1,014
windows_11_21h2 1,001
Windows Server 2019 1,000
Windows Server 2019 (Server Core installation) 997
Windows 10 Version 21H2 961
Windows 10 Version 22H2 958
Quick Filters