VDB
GCVE-110-NCSC-2025-249
GCVE-110-NCSC-2025-249
Advisory PublishedCVSS 7.9/10
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Weaknesses (CWE)
CWE-284Improper Access ControlCWE-359Exposure of Private Personal Information to an Unauthorized ActorCWE-918Server-Side Request Forgery (SSRF)CWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-285Improper AuthorizationCWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Risk Scores
CVSS 3.1
7.9/10
High · CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Microsoft | vers:microsoft/102.10.2.11 | — | — |
| Microsoft | vers:unknown/>=19.0|<19.1.0.0 | — | — |
| Microsoft | vers:unknown/>=1.0.0|<18.0.0.0 | — | — |
| Microsoft | vers:unknown/>=18.0|<18.0.0.0 | — | — |
| Microsoft | vers:unknown/>=21.0|<21.2.0.0 | — | — |
| Microsoft | vers:microsoft/1.2406.1.23 | — | — |
| Microsoft | vers:microsoft/unknown | — | — |
| Microsoft | vers:unknown/>=20.0|<20.0.0.0 | — | — |
| Microsoft | vers:microsoft/1.2408.1.50 | — | — |
| Microsoft | vers:unknown/1.0.0|<18.3.0.0 | — | — |
| Microsoft | vers:microsoft/1.2501.1.47 | — | — |
| Microsoft | vers:unknown/open ai | — | — |
| Microsoft | vers:unknown/>=1.0.0|<102.10.2.11 | — | — |
| Microsoft | vers:unknown/>=1.0.0|<18.3.0.0 | — | — |
| Microsoft | vers:unknown/n/a | — | — |
| Microsoft | vers:unknown/1.0.0|<102.10.2.11 | — | — |
| Microsoft | vers:unknown/portal | — | — |
Browse GCVE Records
73,685 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.