Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2026-54130 | M365 Copilot Information Disclosure Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-48584 | Microsoft Azure Synapse Elevation of Privilege Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-48582 | Microsoft Exchange Online Elevation of Privilege Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-47647 | Dynamics 365 Elevation of Privilege Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-47646 | Dynamics 365 Customer Voice Spoofing Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-47645 | Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-47633 | Microsoft Cost Management Information Disclosure Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-45480 | Azure Active Directory Elevation of Privilege Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-42895 | Microsoft Copilot Tampering Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-32208 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-32174 | Azure Bot Service Elevation of Privilege Vulnerability | 2026-06-09T07:00:00.000Z | 2026-06-18T07:00:00.000Z |
| msrc_cve-2026-46293 | clk: microchip: mpfs-ccc: fix out of bounds access during output registration | 2026-06-02T00:00:00.000Z | 2026-06-18T01:50:27.000Z |
| msrc_cve-2026-46291 | crypto: caam - guard HMAC key hex dumps in hash_digest_key | 2026-06-02T00:00:00.000Z | 2026-06-18T01:50:14.000Z |
| msrc_cve-2026-46274 | io-wq: check that the predecessor is hashed in io_wq_remove_pending() | 2026-06-02T00:00:00.000Z | 2026-06-18T01:50:04.000Z |
| msrc_cve-2026-28387 | Potential Use-after-free in DANE Client Code | 2026-04-02T00:00:00.000Z | 2026-06-18T01:50:00.000Z |
| msrc_cve-2026-46292 | pmdomain: core: Fix detach procedure for virtual devices in genpd | 2026-06-02T00:00:00.000Z | 2026-06-18T01:49:51.000Z |
| msrc_cve-2026-43308 | btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref() | 2026-05-02T00:00:00.000Z | 2026-06-18T01:48:34.000Z |
| msrc_cve-2025-71072 | shmem: fix recovery on rename failures | 2026-01-02T00:00:00.000Z | 2026-06-18T01:48:17.000Z |
| msrc_cve-2025-71073 | Input: lkkbd - disable pending work before freeing device | 2026-01-02T00:00:00.000Z | 2026-06-18T01:48:00.000Z |
| msrc_cve-2026-45445 | AES-OCB IV Ignored on EVP_Cipher() Path | 2026-06-02T00:00:00.000Z | 2026-06-18T01:46:59.000Z |
| msrc_cve-2026-9076 | Out-of-Bounds Read in CMS Password-Based Decryption | 2026-06-02T00:00:00.000Z | 2026-06-18T01:46:38.000Z |
| msrc_cve-2026-34180 | Heap Buffer Over-read in ASN.1 Content Parsing | 2026-06-02T00:00:00.000Z | 2026-06-18T01:45:56.000Z |
| msrc_cve-2026-42767 | NULL Pointer Dereference in CRMF EncryptedValue Decryption | 2026-06-02T00:00:00.000Z | 2026-06-18T01:45:04.000Z |
| msrc_cve-2026-42766 | Possible NULL Dereference in Password-Based CMS Decryption | 2026-06-02T00:00:00.000Z | 2026-06-18T01:44:21.000Z |
| msrc_cve-2026-7383 | Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion | 2026-06-02T00:00:00.000Z | 2026-06-18T01:42:51.000Z |
| msrc_cve-2026-34182 | CMS AuthEnvelopedData Processing May Accept Forged Messages | 2026-06-02T00:00:00.000Z | 2026-06-18T01:41:57.000Z |
| msrc_cve-2026-45447 | Heap Use-After-Free in the PKCS7_verify() Function | 2026-06-02T00:00:00.000Z | 2026-06-18T01:41:13.000Z |
| msrc_cve-2026-25681 | Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html | 2026-05-02T00:00:00.000Z | 2026-06-18T01:40:41.000Z |
| msrc_cve-2026-25680 | Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html | 2026-05-02T00:00:00.000Z | 2026-06-18T01:40:25.000Z |
| msrc_cve-2026-48854 | Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc | 2026-06-02T00:00:00.000Z | 2026-06-18T01:01:50.000Z |