Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (113 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-45454 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 6.5 Medium
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-33113 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 5.4 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-47641 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-47638 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-47636 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 5.4 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45456 1 Microsoft 11 365 Apps, Office 2019, Office 2021 and 8 more 2026-06-09 8.4 High
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45453 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 5.4 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-44824 1 Microsoft 11 365 Apps, Office 2016, Office 2019 and 8 more 2026-06-09 7.8 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-44821 1 Microsoft 11 365 Apps, Office 2016, Office 2019 and 8 more 2026-06-09 5.5 Medium
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-45483 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network.
CVE-2026-45479 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45471 1 Microsoft 11 365 Apps, Office 2019, Office 2021 and 8 more 2026-06-09 7.8 High
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-45475 1 Microsoft 11 365 Apps, Office 2016, Office 2019 and 8 more 2026-06-09 7.8 High
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45468 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45467 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-47294 1 Microsoft 5 Sharepoint Enterprise Server 2016, Sharepoint Server, Sharepoint Server 2016 and 2 more 2026-06-03 8 High
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-40367 1 Microsoft 13 365 Apps, Office, Office 2019 and 10 more 2026-06-01 8.4 High
Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40365 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-01 8.8 High
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-32201 1 Microsoft 4 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 and 1 more 2026-05-28 6.5 Medium
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-45659 1 Microsoft 5 Sharepoint Enterprise Server 2016, Sharepoint Server, Sharepoint Server 2016 and 2 more 2026-05-27 8.8 High
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.