VDB

GCVE-VVD-NCSC-2025-14

GCVE-VVD-NCSC-2025-14
Advisory PublishedCVSS 7.8/10
Vulnetix · Advisory published January 14, 2025
Microsoft heeft een kwetsbaarheid verholpen in Power Automate for Desktops.
Download JSON Open in Console

Weaknesses (CWE)

CWE-94Improper Control of Generation of Code ('Code Injection')

Risk Scores

CVSS 3.1
7.8/10
High · CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected Products

VendorProductVersionsPlatforms
microsoftpower_automate_for_desktop

Aliases

CVE-2025-21187

Transitive aliases

GHSA-p5r3-46vv-rccqBDU:2025-00597EUVD-2025-2266VVD-CISA-2025-21187

References

advisory
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›