Microsoft EUVD-2026-25311

| CVE-2026-33819 CRITICAL
Deserialization of Untrusted Data (CWE-502)
2026-04-23 microsoft GHSA-97j9-4xhc-69qj
Microsoft Deserialization
10.0
CVSS 3.1
Temporal: 8.7
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

DescriptionNVD

Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network.

Analysis

Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network.

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

More from same product – last 7 days

CVE-2026-33453 CRITICAL
10.0 Apr 27

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Apache Camel Camel-Coap

CVE-2026-35431 CRITICAL
10.0 Apr 23

Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perfo
CVE-2026-21515 CRITICAL
9.9 Apr 24

Privilege escalation in Azure IoT Central enables authenticated attackers to gain unauthorized access to sensitive infor
CVE-2026-40453 CRITICAL
9.9 Apr 27

The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such a
CVE-2026-7343 CRITICAL
9.8 Apr 28

Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromise

Share

EUVD-2026-25311 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy