1185 matches found
Security Updates for Microsoft Dynamics 365 Business Central (May 2026) (CVE-2026-40417)
The Microsoft Dynamics 365 Business Central install is missing a security update. It is, therefore, affected by an elevation of privilege vulnerability: - Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally. CVE-2026-40417 Note that Nessus...
Microsoft Dynamics 365 (on-premises) < 9.1.45.11 Multiple RCE (May 2026)
The Microsoft Dynamics 365 on-premises is missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities: - Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a...
CVE-2026-42898
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-42833
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-33821
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...
EUVD-2026-29718
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
EUVD-2026-29713
Execution with unnecessary privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
EUVD-2026-29579
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...
CVE-2026-42898
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-42833
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-33821
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...
CVE-2026-33821 Microsoft Dynamics 365 Customer Insights Elevation of Privilege Vulnerability
...
CVE-2026-33821
CVE-2026-33821 affects Microsoft Dynamics 365 Customer Insights and is an Elevation of Privilege due to improper privilege management. An authenticated attacker could elevate privileges across the network. The vulnerability is confirmed by multiple sources and Microsoft has released updates; impl...
CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
...
CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
...
CVE-2026-42833
CVE-2026-42833 affects Microsoft Dynamics 365 on-premises. The description indicates an"execution with unnecessary privileges" vulnerability that enables an authorized attacker to execute remote code over the network, with impact including full code execution on the affected system. The available...
CVE-2026-42833
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-42898
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-42898
Microsoft Dynamics 365 on-premises is affected by CVE-2026-42898 (code injection via improper control of generation of code), allowing an authenticated attacker to execute code over the network. The CVSS vector indicates Network, Low privileges, No user interaction, with high impact on confidenti...
CVE-2026-42898 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
...