Windows App CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-21517	1 Microsoft	2 Windows App, Windows App For Mac	2026-02-26	4.7 Medium
Improper link resolution before file access ('link following') in Windows App for Mac allows an authorized attacker to elevate privileges locally.
CVE-2025-48817	1 Microsoft	28 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 25 more	2026-02-26	8.8 High
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2025-58718	1 Microsoft	35 Remote, Remote Desktop, Remote Desktop Client and 32 more	2026-02-26	8.8 High
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2025-32715	1 Microsoft	27 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 24 more	2026-02-20	6.5 Medium
Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.
CVE-2025-26645	1 Microsoft	28 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 25 more	2026-02-13	8.8 High
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2025-27487	1 Microsoft	27 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 24 more	2026-02-13	8 High
Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.
CVE-2025-29967	1 Microsoft	25 Remote Desktop, Windows 10 1507, Windows 10 1607 and 22 more	2026-02-13	8.8 High
Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
CVE-2025-29966	1 Microsoft	26 Remote Desktop, Windows 10 1507, Windows 10 1607 and 23 more	2026-02-13	8.8 High
Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.
CVE-2024-49105	1 Microsoft	17 Remote Desktop Client, Windows 10 1507, Windows 10 1607 and 14 more	2025-07-07	8.4 High
Remote Desktop Client Remote Code Execution Vulnerability

Page 1 of 1.