Microsoft Outlook For Android vulnerabilities

9 known vulnerabilities affecting microsoft/microsoft_outlook_for_android.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2026-26133HIGHCVSS 7.1≥ 1.0, < 5.26052026-03-16
CVE-2026-26133 [HIGH] CWE-77 CVE-2026-26133: AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
cvelistv5nvd
CVE-2025-29805HIGHCVSS 7.5≥ 1.0, < 4.2509.02025-04-08
CVE-2025-29805 [HIGH] CWE-200 CVE-2025-29805: Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthor Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.
cvelistv5nvd
CVE-2025-21259MEDIUMCVSS 5.3≥ 1.0, < 4.2501.12025-02-11
CVE-2025-21259 [MEDIUM] CWE-451 Microsoft Outlook Spoofing Vulnerability Microsoft Outlook Spoofing Vulnerability Microsoft Outlook Spoofing Vulnerability
cvelistv5
CVE-2024-43604HIGHCVSS 8.0≥ 1.0, < 4.2435.22024-10-08
CVE-2024-43604 [MEDIUM] CWE-1220 CVE-2024-43604: Outlook for Android Elevation of Privilege Vulnerability Outlook for Android Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2024-26204HIGHCVSS 7.5≥ 1.0, < 4.2404.02024-03-12
CVE-2024-26204 [HIGH] CWE-77 CVE-2024-26204: Outlook for Android Information Disclosure Vulnerability Outlook for Android Information Disclosure Vulnerability
cvelistv5nvd
CVE-2022-24480MEDIUMCVSS 6.3≥ 1.0, < Publication2022-12-13
CVE-2022-24480 [MEDIUM] CVE-2022-24480: Outlook for Android Elevation of Privilege Vulnerability Outlook for Android Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2019-1460MEDIUMCVSS 4.6vunspecified2020-01-24
CVE-2019-1460 [MEDIUM] CVE-2019-1460: A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specificall A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'.
cvelistv5nvd
CVE-2019-1105MEDIUMCVSS 5.4≥ 1.0, < Publication2019-07-29
CVE-2019-1105 [MEDIUM] CWE-79 CVE-2019-1105: A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specificall A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim. The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on th
cvelistv5nvd
CVE-2019-1084MEDIUMCVSS 6.5vunspecified2019-07-15
CVE-2019-1084 [MEDIUM] CWE-200 CVE-2019-1084: An information disclosure vulnerability exists when Exchange allows creation of entities with Displa An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by valida
cvelistv5nvd