67 matches found
Microsoft Power Automate for Desktop < 2.68.237.26118 Information Disclosure (May 2026)
The version of Microsoft Power Automate for desktop installed on the remote Windows host is prior to 2.68.237.26118. It is, therefore, affected by an information disclosure vulnerability: - Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker ...
CVE-2026-40374
Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network...
EUVD-2026-29653
Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network...
CVE-2026-40374
Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network...
CVE-2026-40374
Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network...
CVE-2026-40374 Microsoft Power Automate Desktop Information Disclosure Vulnerability
...
CVE-2026-40374
CVE-2026-40374 concerns Exposure of sensitive information to an unauthorized actor in Power Automate Desktop. The connected documents indicate an information disclosure vulnerability affecting Power Automate Desktop, with a CVSS v3.1 base score of 6.5 (NETWORK, LOW attack complexity, PRIVILEGES R...
CVE-2026-40374 Microsoft Power Automate Desktop Information Disclosure Vulnerability
...
Microsoft Power Automate Desktop Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network...
KLA91036 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerabilit...
PT-2026-40206
Name of the Vulnerable Software and Affected Versions Power Automate affected versions not specified Description Insufficient protection of service data in Power Automate for Desktop allows an authorized attacker to disclose sensitive information over a network. Recommendations At the moment, the...
Microsoft Power Automate 信息泄露漏洞
Microsoft Power Automate is a low-code automation platform developed by the American company Microsoft. It allows users to create automated workflows that can connect and integrate various applications and services. There is an information leakage vulnerability present in Microsoft Power Automate...
EUVD-2024-40745
Malicious code in bioql PyPI...
EUVD-2025-17028
Malicious code in bioql PyPI...
EUVD-2025-11152
Malicious code in bioql PyPI...
EUVD-2025-2266
Malicious code in bioql PyPI...
The vulnerability of the Power Automate for Desktop automation platform, related to insufficient protection of operational data, allows attackers to escalate their privileges.
The vulnerability of the Power Automate for Desktop automation platform is related to insufficient protection for operational data. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
CVE-2025-47966
Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-47966
Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-47966 Power Automate Elevation of Privilege Vulnerability
...