Microsoft Patch Tuesday, tracked.
8106 Microsoft CVEs analyzed across 91 months. Non-Microsoft CNAs excluded.
Total CVEs
8106
Critical
1019
Important
6824
Exploited in the Wild
147
Publicly Disclosed
185
Latest Patch Tuesday — Patch Tuesday June 2026
CVEs
219
Critical
49
Important
170
Exploited
0
Recent Months
| Month | CVEs | Critical | Exploited |
|---|---|---|---|
| Patch Tuesday June 2026 | 219 | 49 | 0 |
| Patch Tuesday May 2026 | 162 | 46 | 3 |
| Patch Tuesday April 2026 | 181 | 23 | 2 |
| Patch Tuesday March 2026 | 97 | 19 | 0 |
| Patch Tuesday February 2026 | 61 | 7 | 6 |
| Patch Tuesday January 2026 | 124 | 17 | 2 |
Most Recently Exploited CVEs
| CVE | Title | Severity | Month |
|---|---|---|---|
| CVE-2026-41091 | CVE-2026-41091 — Microsoft Defender Elevation of Privilege Vulnerability | Important | 2026-05 |
| CVE-2026-42897 | CVE-2026-42897 — Microsoft Exchange Server Spoofing Vulnerability | Critical | 2026-05 |
| CVE-2026-45498 | CVE-2026-45498 — Microsoft Defender Denial of Service Vulnerability | Low | 2026-05 |
| CVE-2026-32201 | CVE-2026-32201 — Microsoft SharePoint Server Spoofing Vulnerability | Important | 2026-04 |
| CVE-2026-32202 | CVE-2026-32202 — Windows Shell Spoofing Vulnerability | Important | 2026-04 |
| CVE-2026-21510 | CVE-2026-21510 — Windows Shell Security Feature Bypass Vulnerability | Important | 2026-02 |
| CVE-2026-21513 | CVE-2026-21513 — MSHTML Framework Security Feature Bypass Vulnerability | Important | 2026-02 |
| CVE-2026-21514 | CVE-2026-21514 — Microsoft Word Security Feature Bypass Vulnerability | Important | 2026-02 |
| CVE-2026-21519 | CVE-2026-21519 — Desktop Window Manager Elevation of Privilege Vulnerability | Important | 2026-02 |
| CVE-2026-21525 | CVE-2026-21525 — Windows Remote Access Connection Manager Denial of Service Vulnerability | Moderate | 2026-02 |