Microsoft Powershell Core
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Powershell Core.
By the Year
In 2026 there have been 0 vulnerabilities in Microsoft Powershell Core. Powershell Core did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 4 | 6.78 |
| 2020 | 1 | 0.00 |
| 2019 | 7 | 7.33 |
| 2018 | 7 | 0.00 |
It may take a day or so for new Powershell Core vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Powershell Core Security Vulnerabilities
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-26423
7.5 - High
- August 12, 2021
.NET Core and Visual Studio Denial of Service Vulnerability
.NET Core and Visual Studio Information Disclosure Vulnerability
CVE-2021-34485
5 - Medium
- August 12, 2021
.NET Core and Visual Studio Information Disclosure Vulnerability
Feb 2021: .NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-1721
6.5 - Medium
- February 25, 2021
.NET Core and Visual Studio Denial of Service Vulnerability
.NET Core Remote Code Execution Vulnerability
CVE-2021-26701
8.1 - High
- February 25, 2021
.NET Core Remote Code Execution Vulnerability
.NET Core Remote Code Execution Vulnerability
CVE-2021-26701
8.1 - High
- February 25, 2021
.NET Core Remote Code Execution Vulnerability
May 2020:
CVE-2020-1108
- May 21, 2020
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.
Sep 2019:
CVE-2019-1301
- September 11, 2019
A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.
Aug 2019: Git for Visual Studio Elevation of Privilege Vulnerability
CVE-2019-1211
- August 14, 2019
An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user. To exploit the vulnerability, an authenticated attacker would need to modify Git configuration files on a system prior to a full installation of the application. The attacker would then need to convince another user on the system to execute specific Git commands. The update addresses the issue by changing the permissions required to edit configuration files.
Jul 2019:
CVE-2019-1167
- July 19, 2019
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's
CVE-2019-0657
5.9 - Medium
- March 05, 2019
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.
Improper Input Validation
A security feature bypass vulnerability exists in Windows which could
CVE-2019-0632
7.8 - High
- March 05, 2019
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631.
A security feature bypass vulnerability exists in Windows which could
CVE-2019-0631
7.8 - High
- March 05, 2019
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632.
A security feature bypass vulnerability exists in Windows which could
CVE-2019-0627
7.8 - High
- March 05, 2019
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632.
Nov 2018:
CVE-2018-8415
- November 14, 2018
A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft PowerShell Tampering Vulnerability." This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
Nov 2018:
CVE-2018-8256
- November 14, 2018
A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1.
Oct 2018:
CVE-2018-8292
- October 10, 2018
An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.
Jul 2018:
CVE-2018-8356
- July 11, 2018
A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0
CVE-2018-0875
- March 14, 2018
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0
CVE-2018-0764
- January 10, 2018
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CVE-2018-0765.
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0
CVE-2018-0786
- January 10, 2018
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability."
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Powershell Core or by Microsoft? Click the Watch button to subscribe.
