CVE-2026-42835
- EPSS 1.26%
- Veröffentlicht 09.06.2026 17:17:09
- Zuletzt bearbeitet 12.06.2026 19:28:41
Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Teams for Android allows an authorized attacker to disclose information over a network.
CVE-2026-32185
- EPSS 0.47%
- Veröffentlicht 12.05.2026 16:59:00
- Zuletzt bearbeitet 18.05.2026 13:33:56
Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally.
CVE-2026-33823
- EPSS 0.72%
- Veröffentlicht 07.05.2026 20:58:52
- Zuletzt bearbeitet 08.05.2026 19:58:39
Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.
CVE-2026-26133
- EPSS 0.43%
- Veröffentlicht 13.03.2026 21:10:13
- Zuletzt bearbeitet 09.04.2026 18:16:57
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-21535
- EPSS 0.59%
- Veröffentlicht 19.02.2026 22:06:20
- Zuletzt bearbeitet 20.02.2026 17:39:46
Improper access control in Microsoft Teams allows an unauthorized attacker to disclose information over a network.
CVE-2025-53783
- EPSS 0.76%
- Veröffentlicht 12.08.2025 17:10:41
- Zuletzt bearbeitet 03.09.2025 14:48:23
Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network.
- EPSS 0.18%
- Veröffentlicht 08.07.2025 16:58:14
- Zuletzt bearbeitet 13.02.2026 14:34:47
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally.
CVE-2025-49731
- EPSS 0.37%
- Veröffentlicht 08.07.2025 16:57:24
- Zuletzt bearbeitet 13.02.2026 14:32:33
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
CVE-2024-42004
- EPSS 0.79%
- Veröffentlicht 18.12.2024 23:15:08
- Zuletzt bearbeitet 26.08.2025 15:38:03
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a li...
CVE-2024-41145
- EPSS 0.78%
- Veröffentlicht 18.12.2024 23:15:07
- Zuletzt bearbeitet 26.08.2025 15:32:29
A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious...