Vendor scorecard
Microsoft Identity
Microsoft Identity security disclosure record — CVE volume, CVSS severity mix and product-category breakdown, sourced from the NIST NVD.
CPE: microsoft
Product families
2
Open in latest
6
Inferred — see methodology
Last disclosure
May 13, 2025
01
Product categories
2 trackedCVE volume, severity mix and the inferred latest shipping version per category.
| Category | CVEs | Volume | Severity mix | Open | Inferred latest |
|---|---|---|---|---|---|
| Entra / Identity SyncIdentity & Access Managementazure_active_directory_connect, entra_connect, defender_for_identity | 1 | 2 | 2.0.9.0MED | ||
| Active Directory / ADFSIdentity & Access Managementactive_directory, active_directory_federation_services, active_directory_domain_services | 0 | 4 | 4.0LOW |
02
Recent CVEs
1 shownMost recently published, newest first. Each ID links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2025-26685(opens NVD record) | Medium | 6.5 | Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network. | May 13, 2025 |
1 CVEs · 2 product families