Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
Initialization of a resource with an insecure default in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network.
Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.
Improper neutralization of special elements used in a command ('command injection') in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.
Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.
Exposure of sensitive information to an unauthorized actor in Azure Data Factory allows an unauthorized attacker to disclose information over a network.
Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network.
Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.
Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.
CVE-2026-32213
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.
Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network.
Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack.
Page 1+ Next →