Known Vulnerabilities for Microsoft Dynamics 365 by Microsoft
Listed below are 7 of the newest known vulnerabilities associated with "Microsoft Dynamics 365" by "Microsoft".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-47647 json | Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network. | Not Provided | 2026-06-18 | 2026-06-24 |
| CVE-2026-42898 json | Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attack... | Not Provided | 2026-05-12 | 2026-05-13 |
| CVE-2026-42833 json | Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attack... | Not Provided | 2026-05-12 | 2026-06-01 |
| CVE-2026-40371 json | Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 (on-premises) allows an authorized atta... | Not Provided | 2026-06-09 | 2026-06-17 |
| CVE-2026-33821 json | Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges... | Not Provided | 2026-05-12 | 2026-05-15 |
| CVE-2026-33103 json | Improper access control in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to disclose information locally... | Not Provided | 2026-04-14 | 2026-04-27 |
| CVE-2026-32210 json | Server-side request forgery (ssrf) in Microsoft Dynamics 365 (Online) allows an unauthorized attacker to perform spoofing ove... | Not Provided | 2026-04-23 | 2026-04-30 |