VYPR
High severity8.8NVD Advisory· Published May 12, 2026· Updated May 16, 2026

CVE-2026-41094

CVE-2026-41094

Description

Improper control of generation of code ('code injection') in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

2