Lucene search
+L

184 matches found

NVD
NVD
added 3 days ago5 views

CVE-2026-58647

Improper neutralization of input during web page generation 'cross-site scripting' in Power BI allows an authorized attacker to perform spoofing over a network...

8CVSS0.00538EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 3 days ago3 views

CVE-2026-58647 Microsoft PowerBI Report Server Spoofing Vulnerability

...

8CVSS6.1AI score0.00538EPSS
Exploits0References1
CVE
CVE
added 3 days ago11 views

CVE-2026-58647

CVE-2026-58647 affects Microsoft Power BI Power BI Report Server. The issue is an improper neutralization of input during web page generation, enabling cross-site scripting. Attackers must be authorized, require user interaction, and can exploit over the network to perform spoofing with high impa...

8CVSS6.1AI score0.00538EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 3 days ago5 views

Microsoft PowerBI Report Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Power BI allows an authorized attacker to perform spoofing over a network...

8CVSS6.1AI score0.00538EPSS
Exploits0
Kaspersky
Kaspersky
added 3 days ago5 views

KLA91151 Multiple vulnerabilities in Microsoft SQL Server

Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation...

8.8CVSS7.2AI score0.01287EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 3 days ago6 views

PT-2026-58285

Name of the Vulnerable Software and Affected Versions Power BI Report Server versions prior to 15.0.1121.120 Description Improper neutralization of input during web page generation leads to cross-site scripting XSS, a technique where malicious scripts are injected into trusted websites. This allo...

8CVSS6AI score0.00538EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2026/03/12 12:0 a.m.7 views

KLA90939 OSI vulnerability in Microsoft SQL Server

An information disclosure vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2026-26133 Exploitation Related products Microsoft-Power-BI CVE list CVE-2026-26133 high Solution Install necessary...

7.1CVSS5.8AI score0.00433EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.22 views

Security Update for Microsoft Power BI Report Server (February 2026)

The Microsoft Power BI Report Server on the remote host is missing the February 2026 security update. It is, therefore, affected by an RCE vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 809...

8.8CVSS5.5AI score0.00902EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.7 views

CVE-2026-21229

Improper input validation in Power BI allows an authorized attacker to execute code over a network...

8.8CVSS5.7AI score0.00902EPSS
Exploits0References1
NCSC
NCSC
added 2026/02/10 7:5 p.m.9 views

Vulnerability fixed in Microsoft SQL Server

Microsoft has fixed a vulnerability in SQL Server Power BI. A malicious party could exploit the vulnerability to execute arbitrary code on the vulnerable SQL Server. Microsoft has made updates available that fix the described vulnerability. We recommend that you install these updates. More...

8.8CVSS6.4AI score0.00902EPSS
Exploits0
OSV
OSV
added 2026/02/10 6:16 p.m.4 views

CVE-2026-21229

Improper input validation in Power BI allows an authorized attacker to execute code over a network...

8.8CVSS5.9AI score0.00902EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 6:16 p.m.7 views

CVE-2026-21229

Improper input validation in Power BI allows an authorized attacker to execute code over a network...

8.8CVSS0.00902EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 5:51 p.m.3 views

CVE-2026-21229 Power BI Remote Code Execution Vulnerability

...

8CVSS5.2AI score0.00902EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 5:51 p.m.24 views

CVE-2026-21229 Power BI Remote Code Execution Vulnerability

...

8CVSS0.00902EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 5:51 p.m.62 views

CVE-2026-21229

Power BI is affected by CVE-2026-21229 due to improper input validation, enabling an authorized attacker to execute code over a network. CVSS v3.1 base score 8.0 (High). Refer to Microsoft MSRC advisory for mitigations and updates.

8.8CVSS5.7AI score0.00902EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.11 views

Power BI Remote Code Execution Vulnerability

Improper input validation in Power BI allows an authorized attacker to execute code over a network...

8.8CVSS5.7AI score0.00902EPSS
Exploits0
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.7 views

Microsoft Power BI 输入验证错误漏洞

Microsoft Power BI is an interactive data visualization software developed by the American company Microsoft, primarily focused on business intelligence. It is part of the Microsoft Power Platform. There is a vulnerability in input validation of Microsoft Power BI. Attackers can exploit this...

8.8CVSS6AI score0.00902EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.7 views

PT-2026-7335

Name of the Vulnerable Software and Affected Versions Power BI affected versions not specified Description Insufficient input validation in Power BI Report Server can allow a remote attacker to execute code on the network. The issue stems from inadequate input checking. Recommendations At the...

9CVSS5.8AI score0.00902EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2026/02/10 12:0 a.m.10 views

KLA90873 ACE vulnerability in Microsoft SQL Server

A remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2026-21229 Exploitation Related products Microsoft-Power-BI CVE list CVE-2026-21229 critical Solution Install necessary update...

8.8CVSS6.5AI score0.00902EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/29 10:51 p.m.5 views

Malicious code in powerbi-visuals-sunburst (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 707c0139d214cc2c615245cb618d8e272c7868e912755bc359aaadb5415b1273 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
Rows per page
Query Builder