1290 matches found
CVE-2026-40371
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
CVE-2026-40371
Technical details (affected product/component, root cause, and fix) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability
...
Security Updates for Microsoft Dynamics 365 Business Central (May 2026) (CVE-2026-40417)
The Microsoft Dynamics 365 Business Central install is missing a security update. It is, therefore, affected by an elevation of privilege vulnerability: - Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally. CVE-2026-40417 Note that Nessus...
Microsoft Dynamics 365 (on-premises) < 9.1.45.11 Multiple RCE (May 2026)
The Microsoft Dynamics 365 on-premises is missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities: - Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a...
CVE-2026-42898
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-42833
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-33821
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...
EUVD-2026-29718
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
EUVD-2026-29713
Execution with unnecessary privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
EUVD-2026-29579
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...
CVE-2026-42898
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-42833
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-33821
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...
CVE-2026-33821 Microsoft Dynamics 365 Customer Insights Elevation of Privilege Vulnerability
...
CVE-2026-33821
CVE-2026-33821 affects Microsoft Dynamics 365 Customer Insights and is an Elevation of Privilege due to improper privilege management. An authenticated attacker could elevate privileges across the network. The vulnerability is confirmed by multiple sources and Microsoft has released updates; impl...
CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
...
CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
...
CVE-2026-42833
CVE-2026-42833 affects Microsoft Dynamics 365 on-premises. The description indicates an"execution with unnecessary privileges" vulnerability that enables an authorized attacker to execute remote code over the network, with impact including full code execution on the affected system. The available...
CVE-2026-42833
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...