Purview

CVEs (5)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2026-26150	Microsoft Purview Ediscovery	Hig	0.56	8.6	0.00	Apr 23, 2026	Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-26138	Microsoft Purview		0.00	—	0.00	Mar 19, 2026	Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-26139	Microsoft Purview		0.00	—	0.00	Mar 19, 2026	Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-64676	Microsoft Purview		0.00	—	0.00	Dec 18, 2025	'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.
CVE-2025-53762	Microsoft Purview		0.00	—	0.02	Jul 18, 2025	Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.

CVE-2026-26150HigApr 23, 2026
Microsoft
Purview Ediscovery
risk 0.56cvss 8.6epss 0.00
Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-26138Mar 19, 2026
Microsoft
Purview
risk 0.00cvss —epss 0.00
Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-26139Mar 19, 2026
Microsoft
Purview
risk 0.00cvss —epss 0.00
Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-64676Dec 18, 2025
Microsoft
Purview
risk 0.00cvss —epss 0.00
'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.
CVE-2025-53762Jul 18, 2025
Microsoft
Purview
risk 0.00cvss —epss 0.02
Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.