Search Results (25564 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-62826 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-07-16 4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-50647 1 Microsoft 14 .net, Windows 10 1607, Windows 10 1809 and 11 more 2026-07-16 7.5 High
Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.
CVE-2026-50411 1 Microsoft 14 .net, Windows 10 1607, Windows 10 1809 and 11 more 2026-07-16 7.5 High
Stack-based buffer overflow in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.
CVE-2026-50355 1 Microsoft 9 .net, Windows 10 1607, Windows 10 1809 and 6 more 2026-07-16 7.5 High
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.
CVE-2026-50324 1 Microsoft 8 .net, Windows 10 1607, Windows 10 1809 and 5 more 2026-07-16 5.9 Medium
Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.
CVE-2026-50368 1 Microsoft 9 .net, Windows 10 1607, Windows 10 1809 and 6 more 2026-07-16 7.5 High
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.
CVE-2026-50304 1 Microsoft 9 .net, Windows 10 1607, Windows 10 1809 and 6 more 2026-07-16 7.5 High
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.
CVE-2026-58598 1 Microsoft 5 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 2 more 2026-07-16 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Backup Engine allows an authorized attacker to elevate privileges locally.
CVE-2026-58643 1 Microsoft 1 Windows Admin Center 2026-07-16 6.1 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-50653 1 Microsoft 2 .net, Azure Active Directory 2026-07-16 7.5 High
Loop with unreachable exit condition ('infinite loop') in Azure Active Directory allows an unauthorized attacker to deny service over a network.
CVE-2026-50652 1 Microsoft 2 .net, Azure Active Directory 2026-07-16 7.5 High
Deserialization of untrusted data in Azure Active Directory allows an unauthorized attacker to deny service over a network.
CVE-2026-59117 1 Microsoft 1 Terminal 2026-07-16 7.5 High
Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code over a network.
CVE-2026-59862 1 Microsoft 1 Kiota 2026-07-16 7.5 High
Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.0, Kiota's Python generator let attacker-controlled enum value descriptions from x-ms-enum.values[].description flow through KiotaBuilder.SetEnumOptions into Documentation.DescriptionTemplate and PythonConventionService.RemoveInvalidDescriptionCharacters without newline sanitization, allowing generated inline comments to split and execute attacker-controlled Python code at module scope when generated modules were imported. This issue is fixed in version 1.32.0.
CVE-2026-54568 1 Microsoft 1 Ufo 2026-07-16 4.3 Medium
Microsoft UFO open-source framework for intelligent automation across devices and platforms. From 3.0.0 until 3.0.6, a client connected to the UFO WebSocket server as a DEVICE could call DEVICE_INFO_REQUEST with another device's target_id and receive that device's server-side system_info through ufo/server/ws/handler.py, because handle_device_info_request and get_device_info did not enforce the constellation-only role or object-level authorization boundary. This issue is fixed in version 3.0.6.
CVE-2026-58644 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-07-16 9.8 Critical
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.
CVE-2026-55440 1 Microsoft 1 Ufo 2026-07-16 6.5 Medium
Microsoft UFO open-source framework for intelligent automation across devices and platforms. Prior to 3.0.7, the COMMAND_RESULTS handler in ufo/server/ws/handler.py called get_or_create_session in ufo/server/services/session_manager.py without owner_client_id, allowing an authenticated client to create an unowned attacker-chosen session_id such as constellation_task_id = f"{task_name}@{task_id}" and deny the legitimate owner or exhaust memory with phantom sessions. This issue is fixed in version 3.0.7.
CVE-2026-59865 1 Microsoft 1 Kiota 2026-07-16 N/A
Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, `kiota info` read x-ms-kiota-info.languagesInformation.<language>.dependencyInstallCommand plus dependency name and version values from an OpenAPI description and presented the spec-supplied command as Kiota's recommended install command, allowing an attacker-controlled or compromised description to cause command injection when the suggested command was run manually or through the Kiota VS Code extension's kiota info --json dependency-install flow. This issue is fixed in version 1.32.5.
CVE-2026-59864 1 Microsoft 1 Kiota 2026-07-16 N/A
Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, `kiota plugin add` and `kiota plugin generate` (with `-t APIPlugin`) emitted attacker-controlled static_template.file values from x-ai-adaptive-card and x-ai-capabilities into generated Microsoft 365 Copilot and Teams plugin manifests without path validation, allowing ../, absolute, rooted, UNC, Windows drive, or URI paths in response_semantics.static_template.file to cause path traversal or out-of-package file inclusion when the generated plugin was deployed. This issue is fixed in version 1.32.5.
CVE-2026-59866 1 Microsoft 1 Kiota 2026-07-16 N/A
Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, Kiota emitted x-ms-kiota-info clientClassName and clientNamespaceName values without identifier or path sanitization as both generated client class or namespace names and generated output path components when `kiota generate` ran without -c/--class-name, allowing an attacker-controlled or compromised OpenAPI description to write generated source outside the -o output directory and inject arbitrary text into generated class or namespace declarations. This issue is fixed in version 1.32.5 by GenerationConfiguration.SanitizeClientClassName and SanitizeClientNamespaceName.
CVE-2026-59867 1 Microsoft 1 Kiota 2026-07-16 7.1 High
Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, Kiota resolved OpenAPI $ref values by fetching remote http(s) URLs and reading local absolute or out-of-tree file paths, allowing `kiota generate` on an attacker-controlled or attacker-influenced description to perform build-time SSRF, remote file inclusion, and local file inclusion by inlining external schemas such as REMOTE_KIOTA_PROP or Leaked into generated clients. This issue is fixed in version 1.32.5 by AllowedExternalOriginsStreamLoader and the --allowed-external-origins option.