Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how microsoft compares to other vendors in security performance

View Risk Score →

Software

microsoft windows operating system
7314
microsoft windows server 2016
5237
microsoft windows
4906
microsoft windows server 2019
4735
microsoft windows server
3903
microsoft windows 7
3089
microsoft windows server 2022
2992
microsoft windows 10
2583
microsoft windows rt
2147
microsoft windows server 2012 r2
2043
microsoft windows server 2022 23h2
1739
microsoft windows xp
1356
microsoft windows vista
1353
microsoft edge
1324
microsoft windows server 2025
1229
microsoft windows 11
1214
microsoft windows server 2012
1195
microsoft windows server 2022, 23h2 edition
1191
microsoft edge beta
1127
microsoft windows server 2008
1114
microsoft windows 11 23h2
1082
microsoft office
1079
microsoft windows 10 22h2
1045
microsoft windows 10 21h2
1042
microsoft windows 11 24h2
1032
microsoft windows server 2008 r2 for itanium-based systems
1020
microsoft windows 10 1809
1008
microsoft windows 8.1
943
microsoft windows 10 1607
886
microsoft internet explorer
850
microsoft windows 11 22h2
722
microsoft windows 2000
635
microsoft edge (chromium-based)
609
microsoft windows 10 1507
594
microsoft cbl2 kernel 5.15.186.1-1
562
microsoft windows 11 25h2
512
microsoft windows server 2008 r2
491
microsoft windows server 2003
488
microsoft 365 apps for enterprise
438
microsoft azl3 kernel 6.6.96.2-2
378
microsoft windows rt 8.1
357
microsoft windows 2003 server
344
microsoft sharepoint server 2010
342
microsoft office long term servicing channel
338
microsoft windows nt
331
microsoft azl3 kernel 6.6.117.1-1
317
microsoft 365 apps
290
microsoft office excel
284
microsoft exchange server
268
microsoft azl3 kernel 6.6.104.2-4
267

Dark ReadingWindows Zero-Day Barrage Continues After Patch Tuesday

Exploited
Zeroday
First published (updated )
News
Dark Reading

Microsoft Windows 11Windows BitLocker Security Feature Bypass Vulnerability

Risk 62
Severity
6.8
First published (updated )
CVE-2026-45585

Microsoft Windows Admin Center in Azure PortalWindows Admin Center in Azure Portal Elevation of Privilege Vulnerability

Risk 69
Severity
7.8
First published (updated )
CVE-2026-42834

Microsoft Defender Antimalware PlatformMicrosoft Defender Denial of Service Vulnerability

Risk 65
Severity
4
Exploited
First published (updated )
CVE-2026-45498

Microsoft Malware Protection EngineBuffer Overflow

Risk 75
Severity
8.1
First published (updated )
CVE-2026-45584
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft Malware Protection EngineMicrosoft Defender Elevation of Privilege Vulnerability

Risk 83
Severity
7.8
Exploited
First published (updated )
CVE-2026-41091

Dark ReadingMicrosoft Exchange Zero-Day Under Attack, No Patch Available

Exploited
Zeroday
First published (updated )
News
Dark Reading

Microsoft Azure LocalAzure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability

Risk 87
Severity
10
First published (updated )
CVE-2026-42822

BleepingComputerMicrosoft rejects critical Azure vulnerability report, no CVE issued

Exploited
First published (updated )
News
BleepingComputer

BleepingComputerMicrosoft Exchange, Windows 11 hacked on second day of Pwn2Own

Exploited
Zeroday
First published (updated )
News
BleepingComputer
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft Microsoft APMMicrosoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`

Risk 31
Severity
5.5
First published (updated )
CVE-2026-46383

Microsoft apm-cliMicrosoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree

Risk 42
Severity
7.4
First published (updated )
CVE-2026-45539

Microsoft Edge (Chromium-based)Microsoft Edge (Chromium-based) Spoofing Vulnerability

Risk 38
Severity
6.1
First published (updated )
CVE-2026-45494

Microsoft Edge (Chromium-based)Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Risk 86
Severity
9.8
First published (updated )
CVE-2026-45495

Microsoft Edge (Chromium-based)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Risk 34
Severity
5.4
First published (updated )
CVE-2026-45492
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Linux Linux kernelptrace: slightly saner 'get_dumpable()' logic

Risk 34
Severity
5.5
Trending
Week
First published (updated )
CVE-2026-46333

BleepingComputerWindows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026

Exploited
Zeroday
First published (updated )
News
BleepingComputer

Microsoft Authenticator for AndroidMicrosoft Authenticator Information Disclosure Vulnerability

Risk 80
Severity
9.6
First published (updated )
CVE-2026-41615

Microsoft Exchange ServerMicrosoft Exchange Server Cross-Site Scripting Vulnerability

Risk 72
Severity
8.1
Exploited
Trending
Week
First published (updated )
CVE-2026-42897

PostgreSQL postgresqlPostgreSQL refint allows stack buffer overflow and SQL injection

Risk 83
Severity
8.8
First published (updated )
CVE-2026-6637
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

PostgreSQL postgresqlPostgreSQL REFRESH PUBLICATION allows SQL injection via table name

Risk 83
Severity
8.8
First published (updated )
CVE-2026-6638

PostgreSQL postgresqlPostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion

Risk 46
Severity
7.5
First published (updated )
CVE-2026-6479

PostgreSQL postgresqlPostgreSQL discloses MD5-hashed passwords via covert timing channel

Risk 42
Severity
6.5
First published (updated )
CVE-2026-6478

PostgreSQL postgresqlPostgreSQL libpq lo_* functions let server superuser overwrite client stack memory

Risk 81
Severity
8.8
First published (updated )
CVE-2026-6477

PostgreSQL postgresqlPostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice

Risk 81
Severity
8.8
First published (updated )
CVE-2026-6475
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

PostgreSQL postgresqlPostgreSQL timeofday() can disclose portions of server memory

Risk 24
Severity
4.3
First published (updated )
CVE-2026-6474

PostgreSQL postgresqlPostgreSQL server undersizes allocations, via integer wraparound

Risk 83
Severity
8.8
First published (updated )
CVE-2026-6473

PostgreSQL postgresqlPostgreSQL CREATE TYPE does not check multirange schema CREATE privilege

Risk 36
Severity
5.4
First published (updated )
CVE-2026-6472

BleepingComputerWindows BitLocker zero-day gives access to protected drives, PoC released

Exploited
First published (updated )
News
BleepingComputer

Palo Alto Networks Prisma Access AgentPrisma Access Agent: Improper Certificate Validation Vulnerability (Severity: MEDIUM)

Risk 62
Severity
8.6
First published (updated )
CVE-2026-0248
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203