Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
2 CRITICAL9 HIGH9 MEDIUM ⚡ 2 KEV
CVE-2025-47966
CRITICAL CVSS 9.8
Find Similar
Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.016
CVE-2026-40374
MEDIUM CVSS 6.5
Find Similar
Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network.
microsoft
NVD RRF 0.016
CVE-2025-29817
MEDIUM CVSS 5.7
Find Similar
Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.
microsoft
NVD RRF 0.016
CVE-2026-20805
MEDIUM CVSS 5.5 KEV
Find Similar
Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.
microsoft
NVD RRF 0.015
CVE-2025-27736
MEDIUM CVSS 5.5
Find Similar
Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.
microsoft
NVD RRF 0.015
CVE-2025-53795
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.014
CVE-2026-20847
MEDIUM CVSS 6.5
Find Similar
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network.
microsoft
NVD RRF 0.014
CVE-2026-21533
HIGH CVSS 7.8 KEV
Find Similar
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.014
CVE-2024-38190
HIGH CVSS 8.6
Find Similar
Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector.
microsoft
NVD RRF 0.014
CVE-2026-20967
HIGH CVSS 8.8
Find Similar
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.014
CVE-2026-20862
MEDIUM CVSS 5.5
Find Similar
Exposure of sensitive information to an unauthorized actor in Windows Management Services allows an authorized attacker to disclose information locally.
microsoft
NVD RRF 0.014
CVE-2025-59284
MEDIUM CVSS 5.5
Find Similar
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally.
microsoft
NVD RRF 0.013
CVE-2025-47179
MEDIUM CVSS 6.7
Find Similar
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.013
CVE-2026-27914
HIGH CVSS 7.8
Find Similar
Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.013
CVE-2026-24304
HIGH CVSS 8.8
Find Similar
Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.013
CVE-2025-59188
MEDIUM CVSS 5.5
Find Similar
Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an authorized attacker to disclose information locally.
microsoft
NVD RRF 0.013
Page 1+ Next →