Microsoft May 2026 Patch Tuesday (Tue, May 12th)

Published: 2026-05-12. Last Updated: 2026-05-12 18:29:36 UTC

by Johannes Ullrich (Version: 1)

Today’s Microsoft Patch Tuesday fixes 137 different vulnerabilities. In addition, the update addresses 137 Chromium-related issues affecting Microsoft Edge.

There are no already disclosed or already exploited vulnerabilities included in today’s patches. I removed the Chromium issues from the table below and included only the 137 Microsoft issues to make it more readable.

Note that issues related to Microsoft Azure are labeled as “no customer action required.”

Significant Vulnerabilities of interest:

CVE-2026-41103: This vulnerability affects the Microsoft SSO Plugin for Jira & Confluence. Exploitation could lead to an elevation of privileges. With ongoing supply chain attacks, development and CI/CD tools like Jira and Confluence are popular targets.

CVE-2026-41089: A preauthentication remote code execution vulnerability in the Netlogon service will always be a juicy target, worth some AI tokens to write an exploit for.

Other critical vulnerabilities include the usual Word and Microsoft Office issues.

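| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| .NET Core Tampering Vulnerability | CVE-2026-32175 | No | No | - | - | Important | 4.3 | 3.8 |
| .NET Elevation of Privilege Vulnerability | CVE-2026-32177 | No | No | - | - | Important | 7.3 | 6.4 |
| .NET Elevation of Privilege Vulnerability | CVE-2026-35433 | No | No | - | - | Important | 7.3 | 6.4 |
| ASP.NET Core Denial of Service Vulnerability | CVE-2026-42899 | No | No | - | - | Important | 7.5 | 6.5 |
| Azure AI Foundry Elevation of Privilege Vulnerability (no customer action required) | CVE-2026-35435 | No | No | - | - | Critical | 8.6 | 7.5 |
| Azure Cloud Shell Spoofing Vulnerability (no customer action required) | CVE-2026-35428 | No | No | - | - | Critical | 9.6 | 8.3 |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | CVE-2026-40381 | No | No | - | - | Important | 7.8 | 6.8 |
| Azure DevOps Information Disclosure Vulnerability (no customer action required) | CVE-2026-42826 | No | No | - | - | Critical | 10.0 | 8.7 |
| Azure Logic Apps Elevation of Privilege Vulnerability | CVE-2026-42823 | No | No | - | - | Important | 9.9 | 8.6 |
| Azure Machine Learning Notebook Spoofing Vulnerability (no customer action required) | CVE-2026-32207 | No | No | - | - | Critical | 8.8 | 7.7 |
| Azure Machine Learning Notebook Spoofing Vulnerability (no customer action required) | CVE-2026-33833 | No | No | - | - | Important | 8.2 | 7.1 |
| Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability (no customer action required) | CVE-2026-33109 | No | No | - | - | Critical | 9.9 | 8.6 |
| Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability (no customer action required) | CVE-2026-33844 | No | No | - | - | Critical | 9.0 | 7.8 |
| Azure Monitor Action Group Notification System Elevation of Privilege Vulnerability (no customer action required) | CVE-2026-41105 | No | No | - | - | Critical | 8.1 | 7.1 |
| Azure Monitor Agent Elevation of Privilege Vulnerability | CVE-2026-32204 | No | No | - | - | Important | 7.8 | 6.8 |
| Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability | CVE-2026-42830 | No | No | - | - | Important | 6.5 | 5.7 |
| Azure SDK for Java Security Feature Bypass Vulnerability | CVE-2026-33117 | No | No | - | - | Important | 9.1 | 7.9 |
| Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability (no customer action required) | CVE-2026-33111 | No | No | - | - | Critical | 7.5 | 6.5 |
| Data Deduplication Elevation of Privilege Vulnerability | CVE-2026-41095 | No | No | - | - | Important | 7.8 | 6.8 |
| GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability | CVE-2026-41109 | No | No | - | - | Important | 8.8 | 7.7 |
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | CVE-2026-35424 | No | No | - | - | Important | 7.5 | 6.5 |
| M365 Copilot Information Disclosure Vulnerability (no customer action required) | CVE-2026-26129 | No | No | - | - | Critical | 7.5 | 6.5 |
| M365 Copilot Information Disclosure Vulnerability (no customer action required) | CVE-2026-26164 | No | No | - | - | Critical | 7.5 | 6.5 |
| M365 Copilot for Desktop Spoofing Vulnerability | CVE-2026-41614 | No | No | - | - | Important | 6.2 | 5.4 |
| Microsoft 365 Copilot for Android Spoofing Vulnerability | CVE-2026-41100 | No | No | - | - | Important | 4.4 | 3.9 |
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability | CVE-2026-40377 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft Data Formulator Remote Code Execution Vulnerability | CVE-2026-41094 | No | No | - | - | Important | 8.8 | 7.7 |
| Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | CVE-2026-40417 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft Dynamics 365 Customer Insights Elevation of Privilege Vulnerability (no customer action required) | CVE-2026-33821 | No | No | - | - | Critical | 7.7 | 6.7 |
| Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | CVE-2026-42898 | No | No | - | - | Critical | 9.9 | 8.6 |
| Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | CVE-2026-42833 | No | No | - | - | Important | 9.1 | 7.9 |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | CVE-2026-42838 | No | No | - | - | Important | 5.4 | 4.7 |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | CVE-2026-41107 | No | No | - | - | Moderate | 7.4 | 6.4 |
| Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | CVE-2026-42891 | No | No | - | - | Moderate | 6.5 | 5.7 |
| Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | CVE-2026-35429 | No | No | - | - | Moderate | 4.3 | 3.9 |
| Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | CVE-2026-40416 | No | No | - | - | Low | 4.3 | 3.8 |
| Microsoft Enterprise Security Token Service (ESTS) Spoofing Vulnerability (no customer action required) | CVE-2026-40379 | No | No | - | - | Critical | 9.3 | 8.1 |
| Microsoft Excel Information Disclosure Vulnerability | CVE-2026-40360 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2026-40359 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2026-40362 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | CVE-2026-34329 | No | No | - | - | Important | 8.8 | 7.7 |
| Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | CVE-2026-40419 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | CVE-2026-40418 | No | No | - | - | Important | 7.8 | 6.8 |
| Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | CVE-2026-35436 | No | No | - | - | Important | 8.8 | 7.7 |
| Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | CVE-2026-40420 | No | No | - | - | Important | 8.8 | 7.7 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2026-40363 | No | No | - | - | Critical | 8.4 | 7.3 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2026-42831 | No | No | - | - | Critical | 7.8 | 6.8 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2026-40358 | No | No | - | - | Critical | 8.4 | 7.3 |
| Microsoft Office Spoofing Vulnerability | CVE-2026-42832 | No | No | - | - | Important | 7.7 | 6.7 |
| Microsoft Outlook for iOS Tampering Vulnerability | CVE-2026-42893 | No | No | - | - | Important | 7.4 | 6.4 |
| Microsoft Partner Center Spoofing Vulnerability (no customer action required) | CVE-2026-34327 | No | No | - | - | Critical | 8.2 | 7.1 |
| Microsoft Power Automate Desktop Information Disclosure Vulnerability | CVE-2026-40374 | No | No | - | - | Important | 6.5 | 5.7 |
| Microsoft PowerPoint for Android Spoofing Vulnerability | CVE-2026-41102 | No | No | - | - | Important | 7.1 | 6.2 |
| Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability | CVE-2026-41103 | No | No | - | - | Critical | 9.1 | 7.9 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | CVE-2026-35439 | No | No | - | - | Important | 8.8 | 7.7 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | CVE-2026-40368 | No | No | - | - | Important | 8.0 | 7.0 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | CVE-2026-33110 | No | No | - | - | Important | 8.8 | 7.7 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | CVE-2026-33112 | No | No | - | - | Important | 8.8 | 7.7 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | CVE-2026-40357 | No | No | - | - | Important | 8.8 | 7.7 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | CVE-2026-40365 | No | No | - | - | Critical | 8.8 | 7.7 |
| Microsoft Team Events Portal Information Disclosure Vulnerability (no customer action required) | CVE-2026-33823 | No | No | - | - | Critical | 9.6 | 8.3 |
| Microsoft Teams Spoofing Vulnerability | CVE-2026-32185 | No | No | - | - | Important | 5.5 | 4.8 |
| Microsoft Word Information Disclosure Vulnerability | CVE-2026-35440 | No | No | - | - | Important | 5.5 | 4.8 |
| Microsoft Word Information Disclosure Vulnerability | CVE-2026-40421 | No | No | - | - | Important | 4.3 | 3.8 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2026-40364 | No | No | - | - | Critical | 8.4 | 7.3 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2026-40366 | No | No | - | - | Critical | 8.4 | 7.3 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2026-40361 | No | No | - | - | Critical | 8.4 | 7.3 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2026-40367 | No | No | - | - | Critical | 8.4 | 7.3 |
| Microsoft Word for Android Spoofing Vulnerability | CVE-2026-41101 | No | No | - | - | Important | 7.1 | 6.2 |
| SQL Server Remote Code Execution Vulnerability | CVE-2026-40370 | No | No | - | - | Important | 8.8 | 7.7 |
| Secure Boot Security Feature Bypass Vulnerability | CVE-2026-41097 | No | No | - | - | Important | 6.7 | 5.8 |
| Visual Studio Code Elevation of Privilege Vulnerability | CVE-2026-41613 | No | No | - | - | Important | 8.8 | 7.7 |
| Visual Studio Code Information Disclosure Vulnerability | CVE-2026-41612 | No | No | - | - | Important | 5.5 | 4.8 |
| Visual Studio Code Remote Code Execution Vulnerability | CVE-2026-41611 | No | No | - | - | Important | 7.8 | 6.8 |
| Visual Studio Code Security Feature Bypass Vulnerability | CVE-2026-41610 | No | No | - | - | Important | 6.3 | 5.5 |
| Win32k Elevation of Privilege Vulnerability | CVE-2026-33839 | No | No | - | - | Important | 7.0 | 6.1 |
| Win32k Elevation of Privilege Vulnerability | CVE-2026-33840 | No | No | - | - | Important | 7.8 | 6.8 |
| Win32k Elevation of Privilege Vulnerability | CVE-2026-34330 | No | No | - | - | Important | 7.8 | 6.8 |
| Win32k Elevation of Privilege Vulnerability | CVE-2026-34331 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows 11 Telnet Client Information Disclosure Vulnerability | CVE-2026-35423 | No | No | - | - | Important | 5.4 | 4.7 |
| Windows Admin Center Elevation of Privilege Vulnerability | CVE-2026-35438 | No | No | - | - | Important | 8.3 | 7.2 |
| Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability | CVE-2026-41086 | No | No | - | - | Important | 8.8 | 7.7 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2026-34344 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2026-34345 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2026-35416 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2026-41088 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability | CVE-2026-34343 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | CVE-2026-35418 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | CVE-2026-33835 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | CVE-2026-34337 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVE-2026-40407 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVE-2026-40397 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows DNS Client Remote Code Execution Vulnerability | CVE-2026-41096 | No | No | - | - | Critical | 9.8 | 8.5 |
| Windows DWM Core Library Elevation of Privilege Vulnerability | CVE-2026-42896 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows DWM Core Library Information Disclosure Vulnerability | CVE-2026-35419 | No | No | - | - | Important | 5.5 | 4.8 |
| Windows DWM Core Library Information Disclosure Vulnerability | CVE-2026-34336 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Event Logging Service Elevation of Privilege Vulnerability | CVE-2026-33834 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability | CVE-2026-32209 | No | No | - | - | Important | 4.4 | 3.9 |
| Windows GDI Remote Code Execution Vulnerability | CVE-2026-35421 | No | No | - | - | Critical | 7.8 | 6.8 |
| Windows Graphics Component Remote Code Execution Vulnerability | CVE-2026-40403 | No | No | - | - | Critical | 8.8 | 7.7 |
| Windows Hyper-V Elevation of Privilege Vulnerability | CVE-2026-40402 | No | No | - | - | Critical | 9.3 | 8.1 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2026-33841 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2026-35420 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2026-40369 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Kernel-Mode Driver Remote Code Execution Vulnerability | CVE-2026-34332 | No | No | - | - | Important | 8.0 | 7.0 |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | CVE-2026-34339 | No | No | - | - | Important | 5.5 | 4.8 |
| Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability | CVE-2026-34341 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability | CVE-2026-33838 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability | CVE-2026-32161 | No | No | - | - | Critical | 7.5 | 6.5 |
| Windows Netlogon Remote Code Execution Vulnerability | CVE-2026-41089 | No | No | - | - | Critical | 9.8 | 8.5 |
| Windows Print Spooler Elevation of Privilege Vulnerability | CVE-2026-34342 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows Projected File System Elevation of Privilege Vulnerability | CVE-2026-34340 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows Remote Desktop Services Elevation of Privilege Vulnerability | CVE-2026-40398 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Rich Text Edit Elevation of Privilege Vulnerability | CVE-2026-21530 | No | No | - | - | Important | 6.7 | 5.8 |
| Windows Rich Text Edit Elevation of Privilege Vulnerability | CVE-2026-32170 | No | No | - | - | Important | 6.7 | 5.8 |
| Windows SMB Client Elevation of Privilege Vulnerability | CVE-2026-40410 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows Storage Spaces Controller Elevation of Privilege Vulnerability | CVE-2026-35415 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Storport Miniport Driver Denial of Service Vulnerability | CVE-2026-34350 | No | No | - | - | Important | 6.5 | 5.7 |
| Windows TCP/IP Denial of Service Vulnerability | CVE-2026-40405 | No | No | - | - | Important | 7.5 | 6.5 |
| Windows TCP/IP Denial of Service Vulnerability | CVE-2026-40414 | No | No | - | - | Important | 7.4 | 6.4 |
| Windows TCP/IP Denial of Service Vulnerability | CVE-2026-40401 | No | No | - | - | Important | 7.1 | 6.2 |
| Windows TCP/IP Denial of Service Vulnerability | CVE-2026-40413 | No | No | - | - | Important | 7.4 | 6.4 |
| Windows TCP/IP Driver Security Feature Bypass Vulnerability | CVE-2026-35422 | No | No | - | - | Important | 6.5 | 5.7 |
| Windows TCP/IP Elevation of Privilege Vulnerability | CVE-2026-34351 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows TCP/IP Elevation of Privilege Vulnerability | CVE-2026-40399 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows TCP/IP Elevation of Privilege Vulnerability | CVE-2026-34334 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows TCP/IP Information Disclosure Vulnerability | CVE-2026-40406 | No | No | - | - | Important | 7.5 | 6.5 |
| Windows TCP/IP Local Elevation of Privilege Vulnerability | CVE-2026-33837 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows TCP/IP Remote Code Execution Vulnerability | CVE-2026-40415 | No | No | - | - | Important | 8.1 | 7.1 |
| Windows Telephony Service Elevation of Privilege Vulnerability | CVE-2026-42825 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows Telephony Service Elevation of Privilege Vulnerability | CVE-2026-34338 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Telephony Service Elevation of Privilege Vulnerability | CVE-2026-40382 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Volume Manager Extension Driver Remote Code Execution Vulnerability | CVE-2026-40380 | No | No | - | - | Important | 6.2 | 5.4 |
| Windows WAN ARP Driver Elevation of Privilege Vulnerability | CVE-2026-40408 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Win32k Elevation of Privilege Vulnerability | CVE-2026-34333 | No | No | - | - | Important | 7.8 | 6.8 |
| Windows Win32k Elevation of Privilege Vulnerability | CVE-2026-34347 | No | No | - | - | Important | 7.0 | 6.1 |
| Windows Win32k Elevation of Privilege Vulnerability | CVE-2026-35417 | No | No | - | - | Important | 7.8 | 6.8 |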

Johannes B. Ullrich, Ph.D., Dean of Research, SANS.edu

Keywords: [microsoft patch Tuesday](/tag.html?tag=microsoft patch Tuesday)
