Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack.
Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network.
Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.
CVE-2026-32201
MEDIUM CVSS 6.5 KEV
Find Similar
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.
Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.
An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allowing them to disrupt system operations and potentially cause a denial-of-service.
Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-26149
CRITICAL CVSS 9.0
Find Similar
Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to perform spoofing over a network.
Improper input validation in some Intel(R) SPS firmware before SPS_E5_06.01.04.059.0 may allow a privileged user to potentially enable denial of service via local access.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical at
CVE-2026-33105
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.
Page 1+ Next →