Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2026-23658
CRITICAL CVSS 9.8
Find Similar
Insufficiently protected credentials in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
CVE-2025-29813
CRITICAL CVSS 9.8
Find Similar
Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-42822
CRITICAL CVSS 10.0
Find Similar
Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-33105
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-45480
CRITICAL CVSS 10.0
Find Similar
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-32213
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.
Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-33825
HIGH CVSS 7.8 KEV
Find Similar
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.
CVE-2026-48584
CRITICAL CVSS 9.9
Find Similar
Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.
CVE-2026-47280
CRITICAL CVSS 9.8
Find Similar
Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate privileges over a network.
Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.
Page 1+ Next →