Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how microsoft compares to other vendors in security performance

View Risk Score →

Software

microsoft windows server 2016
3417
microsoft windows server 2019
3216
microsoft windows operating system
3136
microsoft windows
2495
microsoft windows server
2167
microsoft windows server 2022
2121
microsoft windows 10
1767
microsoft windows 7
1539
microsoft windows server 2012 r2
1450
microsoft windows server 2022 23h2
1235
microsoft windows rt
1214
microsoft windows server 2025
863
microsoft windows 11
859
microsoft windows server 2022, 23h2 edition
836
microsoft edge
805
microsoft windows 11 23h2
774
microsoft windows server 2012
771
microsoft windows server 2008 r2 for itanium-based systems
746
microsoft windows 10 21h2
744
microsoft windows 10 22h2
743
microsoft windows 11 24h2
734
microsoft windows 10 1809
716
microsoft edge beta
703
microsoft windows server 2008
627
microsoft windows 10 1607
616
microsoft windows 8.1
608
microsoft windows 11 22h2
494
microsoft windows vista
445
microsoft office
429
microsoft windows xp
424
microsoft windows 10 1507
397
microsoft windows 11 25h2
386
microsoft edge (chromium-based)
376
microsoft 365 apps for enterprise
358
microsoft windows server 2008 r2
336
microsoft office long term servicing channel
293
microsoft 365 apps
244
microsoft cbl2 kernel 5.15.186.1-1
214
microsoft windows rt 8.1
208
microsoft windows 2000
206
microsoft office ltsc 2021 for 64-bit editions
205
microsoft office ltsc 2021 for 32-bit editions
204
microsoft office ltsc 2024 for 32-bit editions
187
microsoft office ltsc 2024 for 64-bit editions
187
microsoft internet explorer
186
microsoft office 2019 for 32-bit editions
185
microsoft office 2019 for 64-bit editions
185
microsoft windows server 2003
181
microsoft azl3 kernel 6.6.96.2-2
173
microsoft windows 11 26h1
170

Microsoft SharePoint Enterprise Server 2016Microsoft SharePoint Remote Code Execution Vulnerability

Risk 79
Severity
8.8
First published (updated )
CVE-2026-45659

Microsoft Azure Privileged Identity Management (PIM)Azure Privileged Identity Management (PIM) Elevation of Privilege Vulnerability

Risk 79
Severity
8.8
First published (updated )
CVE-2026-35430

Microsoft Azure Stack HCIAzure Stack HCI Information Disclosure Vulnerability

Risk 44
Severity
7.7
First published (updated )
CVE-2026-26147

Microsoft Global Secure Access (GSA)Microsoft Global Secure Access (GSA) Information Disclosure Vulnerability

Risk 43
Severity
7.5
First published (updated )
CVE-2026-23663

ISC BINDSIG(0) validation during query flood may lead to undefined behavior

Risk 46
Severity
7.5
Trending
Week
First published (updated )
CVE-2026-5947
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

ISC BINDInvalid handling of CLASS != IN

Risk 46
Severity
7.5
Trending
Week
First published (updated )
CVE-2026-5946

ISC BINDBIND 9 server memory exhaustion during GSS-API TKEY negotiation

Risk 46
Severity
7.5
Trending
Week
First published (updated )
CVE-2026-3039

rsync rsyncRsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write

Risk 71
Severity
7.3
Trending
Week
First published (updated )
CVE-2026-29518

Nlnet Labs UnboundCrash during DNSSEC validation of malicious content

Risk 50
Severity
8.7
First published (updated )
CVE-2026-42959

Nlnet Labs UnboundHeap overflow with multiple NSID, COOKIE, PADDING EDNS options

Risk 50
Severity
8.7
First published (updated )
CVE-2026-42944
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Memcached MemcachedIn memcached before 1.6.42, password data for SASL password database authentication has a timing sid…

Risk 79
Severity
8.1
First published (updated )
CVE-2026-47784

Memcached MemcachedIn memcached before 1.6.42, username data for SASL password database authentication has a timing sid…

Risk 79
Severity
8.1
First published (updated )
CVE-2026-47783

rsync rsyncRsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls

Risk 52
Severity
7.2
Trending
Week
First published (updated )
CVE-2026-43619

Microsoft Windows Admin Center in Azure PortalWindows Admin Center in Azure Portal Elevation of Privilege Vulnerability

Risk 69
Severity
7.8
First published (updated )
CVE-2026-42834

Microsoft Defender Antimalware PlatformMicrosoft Defender Denial of Service Vulnerability

Risk 65
Severity
7.5
Exploited
Trending
Month
First published (updated )
CVE-2026-45498
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft Malware Protection EngineMicrosoft Defender Remote Code Execution Vulnerability

Risk 75
Severity
8.1
First published (updated )
CVE-2026-45584

Microsoft Malware Protection EngineMicrosoft Defender Link Following Vulnerability

Risk 88
Severity
7.8
Exploited
Trending
Month
First published (updated )
CVE-2026-41091

haveged havegedMissing exit out of permission check in haveged could lead to root exploit

Risk 75
Severity
7.8
Trending
Month
First published (updated )
CVE-2026-41054

Microsoft apm-cliMicrosoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree

Risk 42
Severity
7.4
First published (updated )
CVE-2026-45539

vim VimVim: Command injection in tar#Vimuntar via missing shellescape {special} flag

Risk 62
Severity
7
First published (updated )
CVE-2026-46483
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Linux Linux kernelptrace: slightly saner 'get_dumpable()' logic

Risk 57
Severity
7.1
Trending
Month
First published (updated )
CVE-2026-46333

CESNET libyanglibyang: lyb_read_string() integer overflow → heap buffer overflow

Risk 43
Severity
7.5
First published (updated )
CVE-2026-44673

Microsoft Exchange ServerMicrosoft Exchange Server Cross-Site Scripting Vulnerability

Risk 72
Severity
8.1
Exploited
First published (updated )
CVE-2026-42897

PostgreSQL postgresqlPostgreSQL refint allows stack buffer overflow and SQL injection

Risk 83
Severity
8.8
First published (updated )
CVE-2026-6637

PostgreSQL postgresqlPostgreSQL REFRESH PUBLICATION allows SQL injection via table name

Risk 83
Severity
8.8
First published (updated )
CVE-2026-6638
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

PostgreSQL postgresqlPostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion

Risk 46
Severity
7.5
First published (updated )
CVE-2026-6479

PostgreSQL postgresqlPostgreSQL libpq lo_* functions let server superuser overwrite client stack memory

Risk 81
Severity
8.8
First published (updated )
CVE-2026-6477

PostgreSQL postgresqlPostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice

Risk 81
Severity
8.8
First published (updated )
CVE-2026-6475

PostgreSQL postgresqlPostgreSQL server undersizes allocations, via integer wraparound

Risk 83
Severity
8.8
First published (updated )
CVE-2026-6473

Palo Alto Networks Prisma Access AgentPrisma Access Agent: Improper Certificate Validation Vulnerability (Severity: MEDIUM)

Risk 62
Severity
8.6
First published (updated )
CVE-2026-0248
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203