Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2026-42823
CRITICAL CVSS 9.9
Find Similar
Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.
CVE-2026-32213
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-47647
CRITICAL CVSS 9.9
Find Similar
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.
CVE-2026-24303
CRITICAL CVSS 9.6
Find Similar
Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-48584
CRITICAL CVSS 9.9
Find Similar
Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.
Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.
CVE-2026-45480
CRITICAL CVSS 10.0
Find Similar
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-33105
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.
CVE-2024-38194
CRITICAL CVSS 9.9
Find Similar
An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.
CVE-2026-24306
CRITICAL CVSS 9.8
Find Similar
Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-42822
CRITICAL CVSS 10.0
Find Similar
Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.
Page 1+ Next →