Vendor

Microsoft

Defender Windows DirectX Internet Explorer Microsoft SMBv1 Active Directory

Tracked CVEs

CVE-2026-41091KEV CVE-2008-4250KEV CVE-2009-1537KEV CVE-2010-0249KEV CVE-2010-0806KEV CVE-2026-45498KEV CVE-2026-33825KEV CVE-2026-42897KEV CVE-2025-62221KEV CVE-2025-33073KEV CVE-2017-0144KEV CVE-2022-26923KEV

Linked incidents

incident open 2 articles

Gentlemen RaaS internal database leak exposes member accounts and chats

vulnerability closed 4 articles

CISA adds Windows Shell and ConnectWise ScreenConnect flaws to Known Exploited Vulnerabilities catalog

vulnerability closed 2 articles

Microsoft patches exploited SharePoint zero-day CVE-2026-32201

Coverage timeline

Microsoft patches CVE-2026-41091 amid record 208 CVE update
securityaffairs.com · Jun 9, 2026
CISA Adds Critical Flaws in Windows, Office, Defender to KEV List
securityaffairs.com · May 21, 2026
Microsoft Defender vulnerabilities are being exploited in the wild
www.malwarebytes.com · May 21, 2026
Microsoft fixes two zero day Defender bugs under active attack
www.securityweek.com · May 21, 2026
CISA adds CVE-2026-45498 to KEV, urges Defender patch by June
www.cisa.gov · May 20, 2026
CISA warns of active exploit in Microsoft Defender CVE-2026-41091
www.cisa.gov · May 20, 2026
CISA Adds CVE-2010-0249 to KEV Catalog, Urging IE Users to Patch
www.cisa.gov · May 20, 2026
CISA adds buffer overflow flaw CVE-2008-4250 to KEV catalogue
www.cisa.gov · May 20, 2026
CISA's KEV Catalog Helps Firms Prioritise Active Exploit Patches
www.cisa.gov · May 20, 2026
CISA logs CVE-2009-1537 DirectX flaw in KEV catalog
www.cisa.gov · May 20, 2026
CISA Adds Microsoft Defender DoS Flaw CVE-2026-45498 to KEV List
cisa.gov · May 20, 2026
CISA warns of active exploit in Microsoft Defender CVE-2026-41091
cisa.gov · May 20, 2026
CISA adds CVE-2010-0806 to KEV after IE exploits observed in wild
cisa.gov · May 20, 2026
CISA flags decade old IE bug in KEV, orders patch by June 3
cisa.gov · May 20, 2026
CISA Adds 2009 DirectX Flaw to KEV After QuickTime Exploit
cisa.gov · May 20, 2026
CISA Warns of Active Exploit in Windows RPC Flaw CVE-2008-4250
cisa.gov · May 20, 2026
CISA adds seven KEV flaws, including 2026 Microsoft Defender bugs
www.cisa.gov · May 20, 2026
Windows Zero-Day Barrage Continues After Patch Tuesday
www.darkreading.com · May 19, 2026
Microsoft Exchange Zero-Day Under Attack, No Patch Available
www.darkreading.com · May 18, 2026
Microsoft Exchange zero day bug exploited in the wild
thehackernews.com · May 18, 2026
MiniPlasma PoC reveals unpatched Windows privilege escalation flaw
thehackernews.com · May 18, 2026
CISA flags Exchange zero day flaw CVE-2026-42897 in KEV list
securityaffairs.com · May 16, 2026
CISA adds Exchange XSS flaw CVE‑2026‑42897 to KEV list
www.cisa.gov · May 15, 2026
CISA flags CVE‑2026‑42897 in Exchange, urges immediate patch
cisa.gov · May 15, 2026
CISA Adds MS Exchange XSS Flaw CVE-2026-42897 to KEV Catalog
www.cisa.gov · May 15, 2026
CVE-2026-42897: Microsoft warns of active Exchange XSS flaw
securityaffairs.com · May 15, 2026
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
www.infosecurity-magazine.com · May 15, 2026
Microsoft warns of zero day Exchange flaw CVE-2026-42897
www.securityweek.com · May 15, 2026
Windows Zero Days YellowKey & GreenPlasma Expose BitLocker Bypass
securityaffairs.com · May 15, 2026
Microsoft patches Exchange Server XSS spoof flaw CVE-2026-42897
thehackernews.com · May 15, 2026