Security Vulnerabilities
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally.
CVSS Score
4.4
EPSS Score
0.0
Published
2026-05-12
Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally.
CVSS Score
7.1
EPSS Score
0.0
Published
2026-05-12
Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally.
CVSS Score
7.1
EPSS Score
0.0
Published
2026-05-12
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
9.1
EPSS Score
0.002
Published
2026-05-12
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-05-12
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-05-12
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVSS Score
4.3
EPSS Score
0.001
Published
2026-05-12
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-05-12
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-05-12
Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-05-12