本ページは microsoft outlook に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-42893 | Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to perform tampering over a network. | [email protected] | 7.4 | 0.05% | 2026-05-12 | 2026-05-13 |
| CVE-2026-26133 | AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. | [email protected] | 7.1 | 0.05% | 2026-03-16 | 2026-04-09 |
| CVE-2026-21260 | Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 7.5 | 0.05% | 2026-02-10 | 2026-02-11 |
| CVE-2025-49699 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | [email protected] | 7.0 | 0.35% | 2025-07-08 | 2025-07-15 |
| CVE-2025-47171 | Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally. | [email protected] | 6.7 | 2.52% | 2025-06-10 | 2025-07-09 |
| CVE-2025-29805 | Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network. | [email protected] | 7.5 | 9.25% | 2025-04-08 | 2025-07-10 |
| CVE-2025-21259 | Microsoft Outlook Spoofing Vulnerability | [email protected] | 5.3 | 1.00% | 2025-02-11 | 2025-02-28 |
| CVE-2025-21361 | Microsoft Outlook Remote Code Execution Vulnerability | [email protected] | 7.8 | 0.70% | 2025-01-14 | 2026-05-19 |
| CVE-2025-21357 | Microsoft Outlook Remote Code Execution Vulnerability | [email protected] | 6.7 | 0.35% | 2025-01-14 | 2025-07-01 |
| CVE-2024-42220 | A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially crafted library can leverage Outlook's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions. | [email protected] | 7.1 | 0.06% | 2024-12-18 | 2025-08-22 |
| CVE-2024-43604 | Outlook for Android Elevation of Privilege Vulnerability | [email protected] | 5.7 | 0.73% | 2024-10-08 | 2024-10-17 |
| CVE-2024-43482 | Microsoft Outlook for iOS Information Disclosure Vulnerability | [email protected] | 6.5 | 5.86% | 2024-09-10 | 2024-09-18 |
| CVE-2024-38173 | Microsoft Outlook Remote Code Execution Vulnerability | [email protected] | 6.7 | 0.49% | 2024-08-13 | 2024-08-16 |
| CVE-2024-38020 | Microsoft Outlook Spoofing Vulnerability | [email protected] | 6.5 | 0.26% | 2024-07-09 | 2024-11-21 |
| CVE-2024-30103 | Microsoft Outlook Remote Code Execution Vulnerability | [email protected] | 8.8 | 14.96% | 2024-06-11 | 2026-05-19 |
| CVE-2024-20670 | Outlook for Windows Spoofing Vulnerability | [email protected] | 8.1 | 5.12% | 2024-04-09 | 2025-01-08 |
| CVE-2024-26204 | Outlook for Android Information Disclosure Vulnerability | [email protected] | 7.5 | 2.40% | 2024-03-12 | 2025-01-15 |
| CVE-2024-21378 | Microsoft Outlook Remote Code Execution Vulnerability | [email protected] | 8.8 | 27.31% | 2024-02-13 | 2024-11-21 |
| CVE-2023-36763 | Microsoft Outlook Information Disclosure Vulnerability | [email protected] | 7.5 | 1.28% | 2023-09-12 | 2024-11-21 |
| CVE-2023-36893 | Microsoft Outlook Spoofing Vulnerability | [email protected] | 6.5 | 0.86% | 2023-08-08 | 2024-11-21 |