Microsoft Microsoft Defender For Endpoint For Linux
7 CVEs affecting Microsoft Microsoft Defender For Endpoint For Linux. Latest disclosed: 2026-02-10. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-21537 | High | 8.8 | 2026-02-10 | Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent netw… |
CVE-2025-47161 | High | 7.8 | 2025-05-15 | Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. |
CVE-2025-59497 | High | 7.0 | 2025-10-14 | Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally. |
CVE-2025-26684 | Medium | 6.7 | 2025-05-13 | External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. |
CVE-2022-33637 | Medium | 6.5 | 2022-07-12 | Microsoft Defender for Endpoint Tampering Vulnerability |
CVE-2022-23278 | Medium | 5.9 | 2022-03-09 | Microsoft Defender for Endpoint Spoofing Vulnerability |
CVE-2024-43614 | Medium | 5.5 | 2024-10-08 | Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally. |