Known Vulnerabilities for Active Directory by Microsoft
Listed below are 3 of the newest known vulnerabilities associated with "Active Directory" by "Microsoft".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59998 json | sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the ser... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-59269 json | A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the c... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-57288 json | Jenkins Active Directory Plugin 2.41.1 and earlier does not escape the user name before building the LDAP search filter in th... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-56425 json | The Azure Active Directory (AAD) authentication implementation contained multiple weaknesses in its OAuth 2.0 authorization f... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-54686 json | Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accept... | Not Provided | 2026-06-24 | 2026-06-25 |
| CVE-2026-50031 json | ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management... | Not Provided | 2026-06-03 | 2026-06-03 |
| CVE-2026-48919 json | Jenkins Active Directory Plugin 2.41 and earlier deserializes data from LDAP referrals without validation. | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-48918 json | Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default. | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-45648 json | Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network. | Not Provided | 2026-06-09 | 2026-06-10 |
| CVE-2026-45480 json | Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network. | Not Provided | 2026-06-19 | 2026-06-24 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Active Directory | - |