Defender for Endpoint
by Microsoft
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45647 | Med | 0.36 | 5.5 | 0.00 | Jun 9, 2026 | Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-47161 | 0.03 | — | 0.01 | May 15, 2025 | Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. | |||
| CVE-2026-21537 | 0.00 | — | 0.01 | Feb 10, 2026 | Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network. | |||
| CVE-2025-59497 | 0.00 | — | 0.00 | Oct 14, 2025 | Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally. | |||
| CVE-2025-26684 | 0.00 | — | 0.00 | May 13, 2025 | External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. | |||
| CVE-2024-49057 | 0.00 | — | 0.02 | Dec 10, 2024 | Microsoft Defender for Endpoint on Android Spoofing Vulnerability | |||
| CVE-2024-43614 | 0.00 | — | 0.01 | Oct 8, 2024 | Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally. | |||
| CVE-2024-21315 | 0.00 | — | 0.01 | Feb 13, 2024 | Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability | |||
| CVE-2023-21809 | 0.00 | — | 0.01 | Feb 14, 2023 | Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | |||
| CVE-2022-35828 | 0.00 | — | 0.00 | Sep 13, 2022 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | |||
| CVE-2022-33637 | 0.00 | — | 0.01 | Jul 12, 2022 | Microsoft Defender for Endpoint Tampering Vulnerability | |||
| CVE-2022-23278 | 0.00 | — | 0.02 | Mar 9, 2022 | Microsoft Defender for Endpoint Spoofing Vulnerability | |||
| CVE-2020-17090 | 0.00 | — | 0.03 | Nov 11, 2020 | Microsoft Defender for Endpoint Security Feature Bypass Vulnerability |
- risk 0.36cvss 5.5epss 0.00
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
- CVE-2025-47161May 15, 2025risk 0.03cvss —epss 0.01
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
- CVE-2026-21537Feb 10, 2026risk 0.00cvss —epss 0.01
Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.
- CVE-2025-59497Oct 14, 2025risk 0.00cvss —epss 0.00
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.
- CVE-2025-26684May 13, 2025risk 0.00cvss —epss 0.00
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
- CVE-2024-49057Dec 10, 2024risk 0.00cvss —epss 0.02
Microsoft Defender for Endpoint on Android Spoofing Vulnerability
- CVE-2024-43614Oct 8, 2024risk 0.00cvss —epss 0.01
Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally.
- CVE-2024-21315Feb 13, 2024risk 0.00cvss —epss 0.01
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability
- CVE-2023-21809Feb 14, 2023risk 0.00cvss —epss 0.01
Microsoft Defender for Endpoint Security Feature Bypass Vulnerability
- CVE-2022-35828Sep 13, 2022risk 0.00cvss —epss 0.00
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability
- CVE-2022-33637Jul 12, 2022risk 0.00cvss —epss 0.01
Microsoft Defender for Endpoint Tampering Vulnerability
- CVE-2022-23278Mar 9, 2022risk 0.00cvss —epss 0.02
Microsoft Defender for Endpoint Spoofing Vulnerability
- CVE-2020-17090Nov 11, 2020risk 0.00cvss —epss 0.03
Microsoft Defender for Endpoint Security Feature Bypass Vulnerability