Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how microsoft compares to other vendors in security performance

View Risk Score →

Software

microsoft windows operating system
1761
microsoft windows server 2016
1334
microsoft windows
1190
microsoft windows server 2019
1134
microsoft windows server
978
microsoft windows 7
789
microsoft windows server 2022
742
microsoft windows 10
645
microsoft windows rt
539
microsoft windows server 2012 r2
490
microsoft windows server 2022 23h2
470
microsoft edge
436
microsoft windows xp
353
microsoft cbl2 kernel 5.15.186.1-1
344
microsoft windows server 2025
343
microsoft windows server 2022, 23h2 edition
329
microsoft windows 11
328
microsoft edge beta
322
microsoft windows server 2012
316
microsoft windows vista
314
microsoft windows server 2008
295
microsoft windows 11 23h2
291
microsoft windows 10 22h2
287
microsoft windows 11 24h2
284
microsoft windows 10 21h2
283
microsoft windows 10 1809
274
microsoft windows 10 1607
253
microsoft internet explorer
247
microsoft windows 11 22h2
215
microsoft azl3 kernel 6.6.117.1-1
204
microsoft windows server 2008 r2 for itanium-based systems
199
microsoft edge (chromium-based)
197
microsoft azl3 kernel 6.6.96.2-2
193
microsoft windows 8.1
185
microsoft windows 2000
182
microsoft windows 10 1507
181
microsoft azl3 kernel 6.6.112.1-2
162
microsoft azl3 kernel 6.6.92.2-1
159
microsoft office
158
microsoft azl3 kernel 6.6.104.2-4
156
microsoft windows server 2008 r2
140
microsoft sharepoint server 2010
135
microsoft windows nt
129
microsoft azl3 kernel 6.6.96.2-1
126
microsoft azl3 kernel 6.6.47.1-1
123
microsoft windows 11 25h2
122
microsoft windows server 2003
120
microsoft exchange server
105
microsoft sharepoint enterprise server 2016
103
microsoft azl3 kernel 6.6.51.1-5
100

Microsoft 365 CopilotM365 Copilot Information Disclosure Vulnerability

Risk 37
Severity
6.5
First published (updated )
CVE-2026-42827

Esri ArcGIS ServerUnvalidated Redirect in ArcGIS Server

Risk 24
Severity
4.7
First published (updated )
CVE-2026-2813

Esri ArcGIS ServerImproper Authentication issue in ArcGIS Server

Risk 27
Severity
5.3
First published (updated )
CVE-2026-2812

ISC BINDUnbounded resend loop in BIND 9 resolver

Risk 29
Severity
5.3
Trending
Week
First published (updated )
CVE-2026-5950

Nlnet Labs UnboundUse after free and crash under special conditions in RPZ code

Risk 37
Severity
4.6
First published (updated )
CVE-2026-44608
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Nlnet Labs UnboundUnbounded name compression in certain cases causes degradation of service

Risk 34
Severity
6.9
First published (updated )
CVE-2026-44390

Nlnet Labs UnboundPossible cache poisoning via promiscuous records for the authority section

Risk 76
Severity
5.7
First published (updated )
CVE-2026-42960

Nlnet Labs UnboundDegradation of service with unbounded NSEC3 hash calculations

Risk 34
Severity
6.9
First published (updated )
CVE-2026-42923

Nlnet Labs UnboundJostle logic bypass degrades resolution performance

Risk 34
Severity
6.9
First published (updated )
CVE-2026-42534

Nlnet Labs UnboundLong list of incoming EDNS options degrades performance

Risk 46
Severity
6.6
First published (updated )
CVE-2026-41292
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Nlnet Labs UnboundAnother 'ghost domain names' attack variant

Risk 42
Severity
6.6
First published (updated )
CVE-2026-40622

Nlnet Labs UnboundPacket of death with DNSCrypt

Risk 28
Severity
4.6
First published (updated )
CVE-2026-32792

rsync rsyncRsync < 3.4.3 Authorization Bypass via Hostname Resolution

Risk 38
Severity
6.3
Trending
Week
First published (updated )
CVE-2026-43617

rsync rsyncRsync < 3.4.3 Integer Overflow Information Disclosure

Risk 64
Severity
6.1
Trending
Week
First published (updated )
CVE-2026-43618

rsync rsyncRsync < 3.4.3 Out-of-Bounds Array Read via recv_files()

Risk 44
Severity
6.9
Trending
Week
First published (updated )
CVE-2026-43620
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft Windows 11Windows BitLocker Security Feature Bypass Vulnerability

Risk 67
Severity
6.8
Trending
Month
First published (updated )
CVE-2026-45585

Microsoft Microsoft APMMicrosoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`

Risk 31
Severity
5.5
First published (updated )
CVE-2026-46383

Microsoft Edge (Chromium-based)Microsoft Edge (Chromium-based) Spoofing Vulnerability

Risk 38
Severity
6.1
First published (updated )
CVE-2026-45494

Microsoft Edge (Chromium-based)Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Risk 34
Severity
5.4
First published (updated )
CVE-2026-45492

PostgreSQL postgresqlPostgreSQL discloses MD5-hashed passwords via covert timing channel

Risk 42
Severity
6.5
First published (updated )
CVE-2026-6478
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

PostgreSQL postgresqlPostgreSQL timeofday() can disclose portions of server memory

Risk 24
Severity
4.3
First published (updated )
CVE-2026-6474

PostgreSQL postgresqlPostgreSQL CREATE TYPE does not check multirange schema CREATE privilege

Risk 36
Severity
5.4
First published (updated )
CVE-2026-6472

Palo Alto Networks Prisma Access AgentPrisma Access Agent: Information Disclosure Vulnerabilities (Severity: MEDIUM)

Risk 37
Severity
6.8
First published (updated )
CVE-2026-0245

Nginx NGINX PlusNGINX ngx_quic_module vulnerability

Risk 43
Severity
6.9
First published (updated )
CVE-2026-40460

Nginx NGINX Open SourceNGINX ngx_http_charset_module vulnerability

Risk 39
Severity
6.3
First published (updated )
CVE-2026-42934
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

F5 NGINX PlusNGINX ngx_http_ssl_module vulnerability

Risk 39
Severity
6.3
First published (updated )
CVE-2026-40701

Adobe IllustratorIllustrator | NULL Pointer Dereference (CWE-476)

Risk 40
Severity
5.5
First published (updated )
CVE-2026-34662

Adobe IllustratorIllustrator | Out-of-bounds Read (CWE-125)

Risk 31
Severity
5.5
First published (updated )
CVE-2026-34663

Microsoft Display Virtualization for WindowsBuffer Overflow

Risk 37
Severity
6.8
First published (updated )
CVE-2025-36510

Ivanti Secure Access ClientAn incorrect permission assignment for critical resource of Ivanti Secure Access Client   before 22.…

Risk 21
Severity
4.4
EPSS
0.04%
First published (updated )
CVE-2026-7431
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203