cbcvebase.

Microsoft Purview vulnerabilities

5 known vulnerabilities affecting microsoft/microsoft_purview.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2026-26138P2CRITICALCVSS 10.0v-2026-03-19
CVE-2026-26138 [CRITICAL] CWE-918 CVE-2026-26138: Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate p Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
nvd
CVE-2025-53762P2CRITICALCVSS 9.9v-2025-07-18
CVE-2025-53762 [CRITICAL] CWE-183 CVE-2025-53762: Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate priv Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.
nvd
CVE-2026-26139P3HIGHCVSS 8.6v-2026-03-19
CVE-2026-26139 [HIGH] CWE-918 CVE-2026-26139: Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate p Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
nvd
CVE-2025-21385P3MEDIUMCVSS 6.5v-2025-01-09
CVE-2025-21385 [MEDIUM] CWE-918 CVE-2025-21385: A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized attacke A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized attacker to disclose information over a network.
nvd
CVE-2025-64676P3HIGHCVSS 7.2v-2025-12-18
CVE-2025-64676 [HIGH] CWE-35 CVE-2025-64676: '.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network. '.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.
nvd
Microsoft Purview vulnerabilities | cvebase