Microsoft Partner Center — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Partner Center, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-65041 — CVSS 10.0 (critical): Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-24303 — CVSS 9.6 (critical): Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
CVE-2025-29814 — CVSS 9.3 (critical): Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
CVE-2026-34327 — CVSS 8.2 (high): Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform…