1292 matches found
EUVD-2026-35532
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
CVE-2026-40371
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
CVE-2026-40371
Technical details (affected product/component, root cause, and fix) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability
...
PT-2026-47868
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
Security Updates for Microsoft Dynamics 365 Business Central (May 2026) (CVE-2026-40417)
The Microsoft Dynamics 365 Business Central install is missing a security update. It is, therefore, affected by an elevation of privilege vulnerability: - Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally. CVE-2026-40417 Note that Nessus...
Microsoft Dynamics 365 (on-premises) < 9.1.45.11 Multiple RCE (May 2026)
The Microsoft Dynamics 365 on-premises is missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities: - Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a...
CVE-2026-42898
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-42833
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-33821
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...
EUVD-2026-29718
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
EUVD-2026-29713
Execution with unnecessary privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
EUVD-2026-29579
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...
CVE-2026-42898
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-42833
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-33821
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...
CVE-2026-33821 Microsoft Dynamics 365 Customer Insights Elevation of Privilege Vulnerability
...
CVE-2026-33821
CVE-2026-33821 affects Microsoft Dynamics 365 Customer Insights and is an Elevation of Privilege due to improper privilege management. An authenticated attacker could elevate privileges across the network. The vulnerability is confirmed by multiple sources and Microsoft has released updates; impl...
CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
...
CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
...