Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2026-40372
CRITICAL CVSS 9.1
Find Similar
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-47281
CRITICAL CVSS 9.6
Find Similar
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
CVE-2026-45480
CRITICAL CVSS 10.0
Find Similar
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-42901
CRITICAL CVSS 10.0
Find Similar
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
Page 1+ Next →