Common Vulnerabilities and Exposures (CVE)

CVE-2025-59271

Feb 22, 2026 17:26:11 UTC

Redis Enterprise Elevation of Privilege Vulnerability

CVE-2025-59252

Feb 22, 2026 17:26:11 UTC

Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network.

CVE-2025-59247

Feb 22, 2026 17:26:10 UTC

Azure PlayFab Elevation of Privilege Vulnerability

CVE-2025-59246

Feb 22, 2026 17:26:10 UTC

Azure Entra ID Elevation of Privilege Vulnerability

CVE-2025-59218

Feb 22, 2026 17:26:09 UTC

Azure Entra ID Elevation of Privilege Vulnerability

CVE-2025-59497

Feb 22, 2026 17:26:08 UTC

Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.

CVE-2025-59289

Feb 22, 2026 17:26:08 UTC

Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

CVE-2025-59287

Feb 22, 2026 17:26:07 UTC

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

CVE-2025-59285

Feb 22, 2026 17:26:07 UTC

Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

CVE-2025-59278

Feb 22, 2026 17:26:06 UTC

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

CVE-2025-59275

Feb 22, 2026 17:26:05 UTC

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

CVE-2025-59261

Feb 22, 2026 17:26:05 UTC

Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

CVE-2025-59260

Feb 22, 2026 17:26:04 UTC

Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally.

CVE-2025-59253

Feb 22, 2026 17:26:03 UTC

Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

CVE-2025-59230

Feb 22, 2026 17:26:02 UTC

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.