Microsoft
AI Threat Alert tracks 2 known AI/ML vulnerabilities affecting Microsoft products — each enriched with CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis. Browse every Microsoft CVE below, sorted by severity and recency.
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| CRITICAL | CVE-2025-53767 | Azure OpenAI: SSRF EoP, no auth required (CVSS 10) | azure_openai | 10.0 |
| HIGH | CVE-2024-43598 | LightGBM: heap buffer overflow enables network RCE | lightgbm | 8.1 |
Frequently asked questions
How many known vulnerabilities affect Microsoft?
2 AI/ML CVEs affecting Microsoft products are tracked, sourced from NVD and GitHub Advisory.
What Microsoft products are affected?
The CVEs below map to the Microsoft AI/ML packages and tools tracked by AI Threat Alert; open any CVE to see the affected components and versions.
Where does the Microsoft vulnerability data come from?
Data is sourced from NVD and GitHub Advisory, then enriched with CVSS severity, EPSS exploit probability, and patch status for each CVE.
How can I monitor Microsoft for new vulnerabilities?
AI Threat Alert tracks Microsoft continuously; a Pro subscription adds breaking alerts when new CVEs affecting Microsoft are published.
How do I assess Microsoft's security exposure?
Each CVE below carries CVSS severity and exploitation signals, so you can review the highest-severity Microsoft issues first and judge the exposure for your stack.