Every CVE whose affected-product data names Microsoft Dataverse, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-38139 — CVSS 8.7 (high): Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
CVE-2025-29807 — CVSS 8.7 (high): Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.
CVE-2025-47732 — CVSS 8.7 (high): Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.
CVE-2025-29826 — CVSS 7.3 (high): Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over…
CVE-2025-24053 — CVSS 7.2 (high): Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.