Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
2 CRITICAL10 HIGH8 MEDIUM
CVE-2026-48579
HIGH CVSS 7.5
Find Similar
Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network.
microsoft
NVD RRF 0.016
CVE-2026-48582
CRITICAL CVSS 9.6
Find Similar
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.016
CVE-2025-33051
HIGH CVSS 7.5
Find Similar
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.
microsoft
NVD RRF 0.016
CVE-2026-47655
MEDIUM CVSS 6.5
Find Similar
Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network.
microsoft
NVD RRF 0.016
CVE-2026-45583
HIGH CVSS 8.1
Find Similar
Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network.
microsoft
NVD RRF 0.015
CVE-2026-41615
HIGH CVSS 7.4
Find Similar
Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.
microsoft
NVD RRF 0.015
CVE-2026-47298
HIGH CVSS 8.0
Find Similar
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
microsoft
NVD RRF 0.015
CVE-2026-21527
MEDIUM CVSS 6.5
Find Similar
User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
microsoft
NVD RRF 0.014
CVE-2025-64666
HIGH CVSS 7.5
Find Similar
Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.014
CVE-2026-21535
HIGH CVSS 7.5
Find Similar
Improper access control in Microsoft Teams allows an unauthorized attacker to disclose information over a network.
microsoft
NVD RRF 0.014
CVE-2025-25005
MEDIUM CVSS 6.5
Find Similar
Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform tampering over a network.
microsoft
NVD RRF 0.014
CVE-2026-47647
CRITICAL CVSS 9.9
Find Similar
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.
NVD RRF 0.014
CVE-2025-64667
MEDIUM CVSS 5.3
Find Similar
User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
microsoft
NVD RRF 0.013
CVE-2025-29805
HIGH CVSS 7.5
Find Similar
Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.
microsoft
NVD RRF 0.013
CVE-2026-45455
MEDIUM CVSS 4.3
Find Similar
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
microsoft
NVD RRF 0.013
CVE-2026-44822
HIGH CVSS 8.2
Find Similar
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
microsoft
NVD RRF 0.013
CVE-2025-21380
MEDIUM CVSS 6.5
Find Similar
Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network.
microsoft
NVD RRF 0.013
CVE-2026-42834
HIGH CVSS 7.8
Find Similar
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.013
Page 1+ Next →