FedRAMP catalog › Microsoft Office 365 GCC High
Microsoft · package FR1824057433
| Status | Impact | From | To |
|---|---|---|---|
| In Process | High | 2026-07-07 | current |
| Severity | CVE | Title | Published |
|---|---|---|---|
| medium | CVE-2026-57211 | CVE-2026-57211: RabbitMQ is a messaging and streaming broker. Prior to 4.1.11 and 4.2.6 on Windo | 2026-07-10 |
| high | CVE-2026-13020 | CVE-2026-13020: A Weak Password Recovery Mechanism for Forgotten Password exists in Esri Portal | 2026-07-07 |
| medium | CVE-2026-9182 | CVE-2026-9182: ArcGIS Server contains an unrestricted file upload vulnerability. An unauthentic | 2026-07-06 |
| high | CVE-2026-57983 | CVE-2026-57983: Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized | 2026-07-03 |
| medium | CVE-2026-26145 | CVE-2026-26145: Improper access control in Azure Synapse allows an authorized attacker to elevat | 2026-07-02 |
| critical | CVE-2026-41106 | CVE-2026-41106: Url redirection to untrusted site ('open redirect') in M365 Copilot allows an un | 2026-07-02 |
| high | CVE-2026-45659 | Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability | 2026-07-01 |
| critical | CVE-2026-13775 | CVE-2026-13775: Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote a | 2026-06-30 |
| critical | CVE-2026-13776 | CVE-2026-13776: Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote | 2026-06-30 |
| critical | CVE-2026-13780 | CVE-2026-13780: Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 15 | 2026-06-30 |
| critical | CVE-2026-13781 | CVE-2026-13781: Insufficient validation of untrusted input in Skia in Google Chrome prior to 150 | 2026-06-30 |
| critical | CVE-2026-13782 | CVE-2026-13782: Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remo | 2026-06-30 |
| high | CVE-2008-4250 | Microsoft Windows Buffer Overflow Vulnerability | 2026-05-20 |
| high | CVE-2009-1537 | Microsoft DirectX NULL Byte Overwrite Vulnerability | 2026-05-20 |
| high | CVE-2010-0249 | Microsoft Internet Explorer Use-After-Free Vulnerability | 2026-05-20 |
| high | CVE-2010-0806 | Microsoft Internet Explorer Use-After-Free Vulnerability | 2026-05-20 |
| high | CVE-2026-41091 | Microsoft Defender Link Following Vulnerability | 2026-05-20 |
| high | CVE-2026-45498 | Microsoft Defender Denial of Service Vulnerability | 2026-05-20 |
| high | CVE-2026-42897 | Microsoft Exchange Server Cross-Site Scripting Vulnerability | 2026-05-15 |
| high | CVE-2026-32202 | Microsoft Windows Protection Mechanism Failure Vulnerability | 2026-04-28 |
| critical | CVE-2026-33825 | Microsoft Defender Insufficient Granularity of Access Control Vulnerability | 2026-04-22 |
| high | CVE-2009-0238 | Microsoft Office Remote Code Execution | 2026-04-14 |
| high | CVE-2026-32201 | Microsoft SharePoint Server Improper Input Validation Vulnerability | 2026-04-14 |
| high | CVE-2012-1854 | Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability | 2026-04-13 |
| critical | CVE-2023-21529 | Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability | 2026-04-13 |
| high | CVE-2023-36424 | Microsoft Windows Out-of-Bounds Read Vulnerability | 2026-04-13 |
| high | CVE-2025-60710 | Microsoft Windows Link Following Vulnerability | 2026-04-13 |
| high | CVE-2026-20963 | Microsoft SharePoint Deserialization of Untrusted Data Vulnerability | 2026-03-18 |