Vulnerability Details CVE-2025-29817
Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.3%
CVSS Severity
CVSS v3 Score 5.7
Products affected by CVE-2025-29817
-
cpe:2.3:a:microsoft:power_automate_for_desktop:-
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.46
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.46.184.25013
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.47
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.47.126.25010
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.48
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.48.164.25010
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.49
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.49.182.25010
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.50
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.50.139.25010
-
cpe:2.3:a:microsoft:power_automate_for_desktop:2.51