Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2026-41103
CRITICAL CVSS 9.1
Find Similar
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.
Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.
CVE-2026-40372
CRITICAL CVSS 9.1
Find Similar
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
CVE-2026-32213
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-42822
CRITICAL CVSS 10.0
Find Similar
Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-42901
CRITICAL CVSS 10.0
Find Similar
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-47281
CRITICAL CVSS 9.6
Find Similar
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
An Incorrect Implementation of Authentication Algorithm and Exposure of Data Element to Wrong Ses-sion vulnerability in the session handling used in B&R APROL <4.4-00P5 may allow an authenticated netw
CVE-2024-38194
CRITICAL CVSS 9.9
Find Similar
An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.
CVE-2025-65041
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.
An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised access under the following conditions: If a neo4j admin configures two or mor
Page 1+ Next →