Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (49 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-42824 1 Microsoft 1 365 Copilot 2026-06-06 6.5 Medium
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-45497 1 Microsoft 1 365 Copilot 2026-06-05 7.7 High
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network.
CVE-2026-26164 1 Microsoft 2 365 Copilot Business Chat, 365 Copilot Chat 2026-06-01 7.5 High
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-26129 1 Microsoft 2 365 Copilot Business Chat, 365 Copilot Chat 2026-06-01 7.5 High
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-41090 1 Microsoft 3 365 Copilot, 365 Copilot Ios, 365 Copilot Ios 2026-05-27 9.3 Critical
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.
CVE-2026-42827 1 Microsoft 1 365 Copilot 2026-05-27 6.5 Medium
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-42831 1 Microsoft 6 365 Copilot, Office, Office For Android and 3 more 2026-05-22 7.8 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-40363 1 Microsoft 11 365 Apps, 365 Copilot, Office and 8 more 2026-05-22 8.4 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-62554 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-26134 1 Microsoft 2 365 Copilot, Office 2026-05-22 7.8 High
Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2025-53799 1 Microsoft 26 365 Copilot, Office, Windows 10 1507 and 23 more 2026-05-22 5.5 Medium
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
CVE-2025-30388 1 Microsoft 29 365 Copilot, Office, Office Long Term Servicing Channel and 26 more 2026-05-22 7.8 High
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2025-62199 1 Microsoft 12 365, 365 Apps, 365 Copilot and 9 more 2026-05-22 7.8 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49695 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-25180 1 Microsoft 33 365 Copilot, Office, Office For Android and 30 more 2026-05-22 5.5 Medium
Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.
CVE-2024-38250 1 Microsoft 26 365 Copilot, Office, Office Long Term Servicing Channel and 23 more 2026-05-22 7.8 High
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-59234 1 Microsoft 11 365, 365 Apps, 365 Copilot and 8 more 2026-05-22 7.8 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-59227 1 Microsoft 13 365, 365 Apps, 365 Copilot and 10 more 2026-05-22 7.8 High
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47167 1 Microsoft 10 365 Apps, 365 Copilot, Office and 7 more 2026-05-22 8.4 High
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-60724 1 Microsoft 32 365 Copilot, Graphics Component, Office and 29 more 2026-05-22 9.8 Critical
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.