Every CVE whose affected-product data names Microsoft Purview, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-21385 — CVSS 8.8 (high): A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized attacker to disclose information over a…
CVE-2025-53762 — CVSS 8.7 (high): Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.
CVE-2026-26138 — CVSS 8.6 (high): Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-26139 — CVSS 8.6 (high): Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-64676 — CVSS 7.2 (high): '.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.