Defender for Linux
by Microsoft
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-21537 | 0.00 | — | 0.01 | Feb 10, 2026 | Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network. | |||
| CVE-2025-59497 | 0.00 | — | 0.00 | Oct 14, 2025 | Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally. | |||
| CVE-2024-38089 | 0.00 | — | 0.01 | Jul 9, 2024 | Microsoft Defender for IoT Elevation of Privilege Vulnerability |
- CVE-2026-21537Feb 10, 2026risk 0.00cvss —epss 0.01
Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.
- CVE-2025-59497Oct 14, 2025risk 0.00cvss —epss 0.00
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.
- CVE-2024-38089Jul 9, 2024risk 0.00cvss —epss 0.01
Microsoft Defender for IoT Elevation of Privilege Vulnerability