Powershell
by Microsoft
CVEs (58)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-8327 | Cri | 0.65 | 9.8 | 0.21 | Jul 11, 2018 | A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code Execution Vulnerability." This affects PowerShell Editor, PowerShell Extension. | ||
| CVE-2026-26170 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-26143 | Hig | 0.51 | 7.8 | 0.01 | Apr 14, 2026 | Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally. | ||
| CVE-2018-8292 | Hig | 0.50 | 7.5 | 0.15 | Oct 10, 2018 | An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0. | ||
| CVE-2026-26171 | Hig | 0.42 | 7.5 | 0.02 | Apr 14, 2026 | Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network. | ||
| CVE-2022-24512 | Med | 0.34 | 6.3 | 0.02 | Mar 9, 2022 | .NET and Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2024-21409 | 0.05 | — | 0.03 | Apr 9, 2024 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | |||
| CVE-2022-41076 | 0.03 | — | 0.62 | Dec 13, 2022 | PowerShell Remote Code Execution Vulnerability | |||
| CVE-2018-8256 | 0.02 | — | 0.23 | Nov 14, 2018 | A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016,… | |||
| CVE-2022-23267 | 0.01 | — | 0.05 | May 10, 2022 | .NET and Visual Studio Denial of Service Vulnerability | |||
| CVE-2021-43896 | 0.01 | — | 0.02 | Dec 15, 2021 | Microsoft PowerShell Spoofing Vulnerability | |||
| CVE-2019-0657 | 0.01 | — | 0.05 | Mar 6, 2019 | A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'. | |||
| CVE-2025-25004 | 0.00 | — | 0.00 | Oct 14, 2025 | Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49734 | 0.00 | — | 0.00 | Sep 9, 2025 | Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-30399 | 0.00 | — | 0.01 | Jun 13, 2025 | Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-21171 | 0.00 | — | 0.02 | Jan 14, 2025 | .NET Remote Code Execution Vulnerability | |||
| CVE-2024-43498 | 0.00 | — | 0.04 | Nov 12, 2024 | .NET and Visual Studio Remote Code Execution Vulnerability | |||
| CVE-2024-43499 | 0.00 | — | 0.03 | Nov 12, 2024 | .NET and Visual Studio Denial of Service Vulnerability | |||
| CVE-2024-43485 | 0.00 | — | 0.03 | Oct 8, 2024 | .NET and Visual Studio Denial of Service Vulnerability | |||
| CVE-2024-43484 | 0.00 | — | 0.03 | Oct 8, 2024 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability |
- risk 0.65cvss 9.8epss 0.21
A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code Execution Vulnerability." This affects PowerShell Editor, PowerShell Extension.
- risk 0.51cvss 7.8epss 0.00
Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.
- risk 0.50cvss 7.5epss 0.15
An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.
- risk 0.42cvss 7.5epss 0.02
Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.
- risk 0.34cvss 6.3epss 0.02
.NET and Visual Studio Remote Code Execution Vulnerability
- CVE-2024-21409Apr 9, 2024risk 0.05cvss —epss 0.03
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
- CVE-2022-41076Dec 13, 2022risk 0.03cvss —epss 0.62
PowerShell Remote Code Execution Vulnerability
- CVE-2018-8256Nov 14, 2018risk 0.02cvss —epss 0.23
A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016,…
- CVE-2022-23267May 10, 2022risk 0.01cvss —epss 0.05
.NET and Visual Studio Denial of Service Vulnerability
- CVE-2021-43896Dec 15, 2021risk 0.01cvss —epss 0.02
Microsoft PowerShell Spoofing Vulnerability
- CVE-2019-0657Mar 6, 2019risk 0.01cvss —epss 0.05
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.
- CVE-2025-25004Oct 14, 2025risk 0.00cvss —epss 0.00
Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.
- CVE-2025-49734Sep 9, 2025risk 0.00cvss —epss 0.00
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.
- CVE-2025-30399Jun 13, 2025risk 0.00cvss —epss 0.01
Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.
- CVE-2025-21171Jan 14, 2025risk 0.00cvss —epss 0.02
.NET Remote Code Execution Vulnerability
- CVE-2024-43498Nov 12, 2024risk 0.00cvss —epss 0.04
.NET and Visual Studio Remote Code Execution Vulnerability
- CVE-2024-43499Nov 12, 2024risk 0.00cvss —epss 0.03
.NET and Visual Studio Denial of Service Vulnerability
- CVE-2024-43485Oct 8, 2024risk 0.00cvss —epss 0.03
.NET and Visual Studio Denial of Service Vulnerability
- CVE-2024-43484Oct 8, 2024risk 0.00cvss —epss 0.03
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
Page 1 of 3