Microsoft Account
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Account.
Recent Microsoft Account Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2026-21264 | CVE-2026-21264 Microsoft Account Spoofing Vulnerability | January 22, 2026 |
| CVE-2024-3177 | CVE-2024-3177 Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin | January 2, 2026 |
| CVE-2007-2768 | CVE-2007-2768 OpenSSH when using OPIE (One-Time Passwords in Everything) for PAM allows remote attackers to determine the existence of certain user accounts which displays a different response if the user account exists and is configured to use one-t | January 1, 2026 |
| CVE-2025-22058 | CVE-2025-22058 udp: Fix memory accounting leak. | January 1, 2026 |
| CVE-2025-38190 | CVE-2025-38190 atm: Revert atm_account_tx() if copy_from_iter_full() fails. | January 1, 2026 |
| CVE-2024-42068 | CVE-2024-42068 bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() | January 1, 2026 |
| CVE-2024-56770 | CVE-2024-56770 net/sched: netem: account for backlog updates from child qdisc | January 1, 2026 |
| CVE-2025-68476 | CVE-2025-68476 KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential | December 25, 2025 |
| CVE-2025-38441 | CVE-2025-38441 netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() | December 24, 2025 |
| CVE-2024-58089 | CVE-2024-58089 btrfs: fix double accounting race when btrfs_run_delalloc_range() failed | December 7, 2025 |
By the Year
In 2026 there have been 0 vulnerabilities in Microsoft Account. Last year, in 2025 Account had 1 security vulnerability published. Right now, Account is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 8.20 |
It may take a day or so for new Account vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Account Security Vulnerabilities
Jan 2025: Microsoft Account Elevation of Privilege Vulnerability
CVE-2025-21396
8.2 - High
- January 29, 2025
Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Account or by Microsoft? Click the Watch button to subscribe.
