Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  Security Vulnerabilities
CVE-2026-7342
Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.001
Published
2026-04-28
CVE-2026-7343
Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVSS Score
7.5
EPSS Score
0.001
Published
2026-04-28
CVE-2026-7344
Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVSS Score
8.8
EPSS Score
0.0
Published
2026-04-28
CVE-2026-7333
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVSS Score
9.6
EPSS Score
0.001
Published
2026-04-28
CVE-2026-7334
Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.0
Published
2026-04-28
CVE-2026-21515
Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network.
CVSS Score
9.9
EPSS Score
0.001
Published
2026-04-24
CVE-2026-35431
Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
10.0
EPSS Score
0.001
Published
2026-04-23
CVE-2026-33102
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
9.3
EPSS Score
0.0
Published
2026-04-23
CVE-2026-33819
Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network.
CVSS Score
10.0
EPSS Score
0.004
Published
2026-04-23
CVE-2026-32210
Server-side request forgery (ssrf) in Microsoft Dynamics 365 (Online) allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
9.3
EPSS Score
0.0
Published
2026-04-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved