Microsoft Security Response Center
The Microsoft Security Response Center (MSRC) publishes CVE-level security update information for Windows, Office, Azure, Exchange and the rest of the Microsoft portfolio, including whether a vulnerability was publicly disclosed or exploited before the fix shipped.
CSIRTS.com ingests Microsoft Security Response Center every 3 hours, normalizes each advisory into a common schema and cross-references every CVE against the CISA KEV catalog and public exploit datasets. Publishes CVE-level security update guide entries. Also available via RSS, JSON API and the MCP server.
Latest from Microsoft Security Response Center
CVE-2026-57100: Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability
CVE-2026-14103: Chromium: CVE-2026-14103 Use after free in SSL
CVE-2026-12064: proto-default skips SSH verification
CVE-2026-14076: Chromium: CVE-2026-14076 Policy bypass in Network
CVE-2026-13779: Chromium: CVE-2026-13779 Use after free in Chromoting
CVE-2026-13780: Chromium: CVE-2026-13780 Insufficient validation of untrusted input in ANGLE
CVE-2026-14131: Chromium: CVE-2026-14131 Insufficient validation of untrusted input in WebAppInstalls
CVE-2026-13775: Chromium: CVE-2026-13775 Use after free in GPU
CVE-2026-13815: Chromium: CVE-2026-13815 Use after free in Blink
CVE-2026-14080: Chromium: CVE-2026-14080 Insufficient validation of untrusted input in TabSwitcher
CVE-2026-13831: Chromium: CVE-2026-13831 Use after free in GPU
CVE-2026-13837: Chromium: CVE-2026-13837 Inappropriate implementation in CSS
CVE-2026-13845: Chromium: CVE-2026-13845 Use after free in DOM
CVE-2026-13865: Chromium: CVE-2026-13865 Insufficient validation of untrusted input in Enterprise
CVE-2026-13871: Chromium: CVE-2026-13871 Insufficient data validation in GuestView
CVE-2026-13786: Chromium: CVE-2026-13786 Use after free in Ozone
CVE-2026-57987: Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2026-13874: Chromium: CVE-2026-13874 Inappropriate implementation in DataTransfer
CVE-2026-13881: Chromium: CVE-2026-13881 Insufficient data validation in WebAppInstalls
CVE-2026-14156: Chromium: CVE-2026-14156 Policy bypass in StorageAccessAPI
CVE-2026-14145: Chromium: CVE-2026-14145 Inappropriate implementation in CSS
CVE-2026-14132: Chromium: CVE-2026-14132 Inappropriate implementation in WebXR
CVE-2026-14125: Chromium: CVE-2026-14125 Uninitialized Use in ANGLE
CVE-2026-13776: Chromium: CVE-2026-13776 Type Confusion in Dawn
Browse all 1,700 advisories from Microsoft Security Response Center →