CVE-2025-64657: Azure Application Gateway Elevation of Privilege Vulnerability

CVE-2025-62459: Microsoft Defender Portal Spoofing Vulnerability

CVE-2025-64660: GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

CVE-2025-62207: Azure Monitor Elevation of Privilege Vulnerability

CVE-2025-49752: Azure Bastion Elevation of Privilege Vulnerability

Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network.

Headline

CVE-2025-60722: Microsoft OneDrive for Android Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News