Threat-Lens CVE Hub

CVE-2025-24070

HIGH CVSS 7.0

Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2025-29802

HIGH CVSS 7.3

Find Similar

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2025-59249

HIGH CVSS 8.8

Find Similar

Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2025-7326

HIGH CVSS 7.0

Find Similar

Weak authentication in EOL ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft,

CVE-2026-47281

CRITICAL CVSS 9.6

Find Similar

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2026-40376

HIGH CVSS 8.1

Find Similar

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2025-29804

HIGH CVSS 7.3

Find Similar

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2025-32703

MEDIUM CVSS 5.5

Find Similar

Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.

microsoft

CVE-2026-40372

CRITICAL CVSS 9.1

Find Similar

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2025-24998

HIGH CVSS 7.3

Find Similar

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2025-32726

MEDIUM CVSS 6.8

Find Similar

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2025-25003

HIGH CVSS 7.3

Find Similar

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2025-50173

HIGH CVSS 7.8

Find Similar

Weak authentication in Windows Installer allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2024-38182

CRITICAL CVSS 9.8

Find Similar

Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.

microsoft

CVE-2025-55240

HIGH CVSS 7.3

Find Similar

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2025-21405

HIGH CVSS 7.3

Find Similar

Visual Studio Elevation of Privilege Vulnerability

microsoft

CVE-2024-49044

MEDIUM CVSS 6.7

Find Similar

Visual Studio Elevation of Privilege Vulnerability

microsoft

CVE-2025-26635

MEDIUM CVSS 6.5

Find Similar

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.

microsoft

CVE-2025-27740

HIGH CVSS 8.8

Find Similar

Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2025-21173

HIGH CVSS 7.3

Find Similar

.NET Elevation of Privilege Vulnerability

microsoft linux