CVE-2025-64657: Azure Application Gateway Elevation of Privilege Vulnerability

CVE-2025-62459: Microsoft Defender Portal Spoofing Vulnerability

CVE-2025-64660: GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

CVE-2025-62207: Azure Monitor Elevation of Privilege Vulnerability

CVE-2025-49752: Azure Bastion Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.

Headline

CVE-2025-62214: Visual Studio Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News