Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
10 CRITICAL10 HIGH
CVE-2026-42901
CRITICAL CVSS 10.0
Find Similar
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.016
CVE-2026-23663
HIGH CVSS 7.5
Find Similar
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.016
CVE-2026-47281
CRITICAL CVSS 9.6
Find Similar
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.015
CVE-2026-40376
HIGH CVSS 8.1
Find Similar
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.015
CVE-2026-40379
HIGH CVSS 7.5
Find Similar
Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network.
microsoft
NVD RRF 0.014
CVE-2025-64666
HIGH CVSS 7.5
Find Similar
Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.014
CVE-2024-43477
HIGH CVSS 7.5
Find Similar
Improper access control in Decentralized Identity Services resulted in a vulnerability that allows an unauthenticated attacker to disable Verifiable ID's on another tenant.
microsoft
NVD RRF 0.014
CVE-2026-20967
HIGH CVSS 8.8
Find Similar
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.014
CVE-2026-33843
CRITICAL CVSS 9.8
Find Similar
Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.014
CVE-2026-34927
HIGH CVSS 7.8
Find Similar
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to e
trendmicro
NVD RRF 0.013
CVE-2025-55701
HIGH CVSS 7.8
Find Similar
Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.013
CVE-2026-48582
CRITICAL CVSS 9.6
Find Similar
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.013
CVE-2026-34930
HIGH CVSS 7.8
Find Similar
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different
trendmicro
NVD RRF 0.013
CVE-2026-40372
CRITICAL CVSS 9.1
Find Similar
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.013
CVE-2026-42822
CRITICAL CVSS 10.0
Find Similar
Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.013
Page 1+ Next →