Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how microsoft compares to other vendors in security performance

View Risk Score →

Software

microsoft windows operating system
7310
microsoft windows server 2016
5237
microsoft windows
4927
microsoft windows server 2019
4735
microsoft windows server
3900
microsoft windows 7
3090
microsoft windows server 2022
2992
microsoft windows 10
2583
microsoft windows rt
2147
microsoft windows server 2012 r2
2043
microsoft windows server 2022 23h2
1739
microsoft windows xp
1356
microsoft windows vista
1353
microsoft edge
1347
microsoft windows server 2025
1229
microsoft windows 11
1214
microsoft windows server 2012
1195
microsoft windows server 2022, 23h2 edition
1191
microsoft edge beta
1127
microsoft windows server 2008
1116
microsoft windows 11 23h2
1082
microsoft office
1078
microsoft windows 10 22h2
1045
microsoft windows 10 21h2
1042
microsoft windows 11 24h2
1033
microsoft windows server 2008 r2 for itanium-based systems
1020
microsoft windows 10 1809
1008
microsoft windows 8.1
943
microsoft windows 10 1607
886
microsoft internet explorer
851
microsoft windows 11 22h2
722
microsoft windows 2000
635
microsoft edge (chromium-based)
631
microsoft windows 10 1507
594
microsoft cbl2 kernel 5.15.186.1-1
562
microsoft windows 11 25h2
513
microsoft windows server 2008 r2
491
microsoft windows server 2003
490
microsoft 365 apps for enterprise
438
microsoft azl3 kernel 6.6.96.2-2
378
microsoft windows rt 8.1
357
microsoft windows 2003 server
345
microsoft sharepoint server 2010
342
microsoft office long term servicing channel
338
microsoft windows nt
331
microsoft azl3 kernel 6.6.117.1-1
317
microsoft 365 apps
290
microsoft office excel
284
microsoft exchange server
268
microsoft azl3 kernel 6.6.104.2-4
267

BleepingComputerGoogle accidentally exposed details of unfixed Chromium flaw

Exploited
First published (updated )
News
BleepingComputer

Two Microsoft Defender vulnerabilities actively exploited. One grants full SYSTEM access. CISA has a June 3 federal deadline. Here is what to check.

First published (updated )
Social
reddit

Microsoft 365 CopilotM365 Copilot Information Disclosure Vulnerability

Risk 37
Severity
6.5
First published (updated )
CVE-2026-42827

Microsoft Power PagesMicrosoft Power Pages Remote Code Execution Vulnerability

Risk 87
Severity
10
First published (updated )
CVE-2026-23652

Microsoft Azure Orbital SpatioAzure Orbital Spatio Remote Code Execution Vulnerability

Risk 87
Severity
10
First published (updated )
CVE-2026-40412
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft SharePoint Enterprise Server 2016Microsoft SharePoint Remote Code Execution Vulnerability

Risk 79
Severity
8.8
First published (updated )
CVE-2026-45659

Microsoft Azure Privileged Identity Management (PIM)Azure Privileged Identity Management (PIM) Elevation of Privilege Vulnerability

Risk 79
Severity
8.8
First published (updated )
CVE-2026-35430

Microsoft Azure Stack HCIAzure Stack HCI Information Disclosure Vulnerability

Risk 44
Severity
7.7
First published (updated )
CVE-2026-26147

Microsoft Entra IDMicrosoft Azure Active Directory B2C Elevation of Privilege Vulnerability

Risk 66
Severity
9.1
First published (updated )
CVE-2026-33843

Microsoft Azure Virtual Network GatewayAzure Virtual Network Gateway Remote Code Execution Vulnerability

Risk 82
Severity
9.9
First published (updated )
CVE-2026-40411
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft 365 Copilot for iOSMicrosoft Copilot Tampering Vulnerability

Risk 66
Severity
9.3
First published (updated )
CVE-2026-41090

Microsoft Azure Resource ManagerAzure Resource Manager Elevation of Privilege Vulnerability

Risk 87
Severity
10
First published (updated )
CVE-2026-47280

Microsoft Entra IDMicrosoft Entra ID Elevation of Privilege Vulnerability

Risk 87
Severity
10
First published (updated )
CVE-2026-42901

Microsoft Planetary Computer Pro (GeoCatalog)Microsoft Planetary Computer Pro Information Disclosure Vulnerability

Risk 87
Severity
10
First published (updated )
CVE-2026-41104

Microsoft Global Secure Access (GSA)Microsoft Global Secure Access (GSA) Information Disclosure Vulnerability

Risk 43
Severity
7.5
First published (updated )
CVE-2026-23663
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

BleepingComputerMicrosoft warns of new Defender zero-days exploited in attacks

Exploited
Zeroday
First published (updated )
News
BleepingComputer

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

First published (updated )
Social
reddit

Esri ArcGIS ServerUnvalidated Redirect in ArcGIS Server

Risk 24
Severity
4.7
First published (updated )
CVE-2026-2813

Esri ArcGIS ServerImproper Authentication issue in ArcGIS Server

Risk 27
Severity
5.3
First published (updated )
CVE-2026-2812

CVE-2026-45585: Windows BitLocker — YellowKey Recovery Bypass Analysis

First published (updated )
Social
reddit
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

ISC BINDUnbounded resend loop in BIND 9 resolver

Risk 29
Severity
5.3
Trending
Week
First published (updated )
CVE-2026-5950

ISC BINDSIG(0) validation during query flood may lead to undefined behavior

Risk 46
Severity
7.5
Trending
Week
First published (updated )
CVE-2026-5947

ISC BINDInvalid handling of CLASS != IN

Risk 46
Severity
7.5
Trending
Week
First published (updated )
CVE-2026-5946

ISC BINDHeap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation

Risk 91
Severity
9.8
Trending
Week
First published (updated )
CVE-2026-3593

ISC BINDBIND 9 server memory exhaustion during GSS-API TKEY negotiation

Risk 46
Severity
7.5
Trending
Week
First published (updated )
CVE-2026-3039
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

rsync rsyncRsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write

Risk 71
Severity
7.3
Trending
Week
First published (updated )
CVE-2026-29518

Nlnet Labs UnboundUse after free and crash under special conditions in RPZ code

Risk 37
Severity
4.6
First published (updated )
CVE-2026-44608

Nlnet Labs UnboundUnbounded name compression in certain cases causes degradation of service

Risk 34
Severity
6.9
First published (updated )
CVE-2026-44390

Nlnet Labs UnboundPossible cache poisoning via promiscuous records for the authority section

Risk 76
Severity
5.7
First published (updated )
CVE-2026-42960

Nlnet Labs UnboundCrash during DNSSEC validation of malicious content

Risk 50
Severity
8.7
First published (updated )
CVE-2026-42959
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203