Microsoft Security Vulnerabilities (CVE)

Explore vulnerabilities and security advisories affecting Microsoft products.

7 known CVE vulnerabilities tracked

Critical

High

Medium

Low

None

Vulnerabilities By Year

2025

Products Affected

Partner Center 1 Azure Cosmos Db 1 Azure Language 1 Purview 1 Office Out-Of-Box Experience 1 Azure Container Apps 1 Edge Chromium 1

All Microsoft CVEs

Recent Highest Score Oldest

CVE-2025-64675

8.3 high

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Cosmos DB allows an unauthorized attacker to perform spoofing over a network.

Azure Cosmos Db Dec 19, 2025

CVE-2025-65046

3.1 low

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Edge Chromium Dec 18, 2025

CVE-2025-65037

10.0 critical

Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.

Azure Container Apps Dec 18, 2025

CVE-2025-64677

8.2 high

Improper neutralization of input during web page generation ('cross-site scripting') in Office Out-of-Box Experience allows an unauthorized attacker to perform spoofing over a network.

Office Out-Of-Box Experience Dec 18, 2025

CVE-2025-65041

10.0 critical

Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.

Partner Center Dec 18, 2025

CVE-2025-64676

7.2 high

'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.

Purview Dec 18, 2025

CVE-2025-64663

9.9 critical

Custom Question Answering Elevation of Privilege Vulnerability

Azure Language Dec 18, 2025