Microsoft Uses LLMs for vuln discovery
CPE vendor key: microsoft ·
4,844 CVEs published in the last 24 months.
CVEs (365 d)
3,020
▲ +368 vs prior 30d
Avg CVSS (365 d)
7.35
over 3,020 CVEs
Avg EPSS pct (365 d)
0.28
higher = more likely exploited
KEV hit rate (365 d)
1.3%
39 of 3,020 added to CISA KEV
LLM-credited CVEs
89
Openai 89
Monthly CVE volume — last 24 months
Each point is one calendar month. Bars in the
severity card to the right slice the same volume by CVSS band.
Severity mix
Stacked by CVSS band (Critical / High / Medium /
Low) using the best available metric per CVE.
Top affected products (24 mo)
2,183
1,452
1,410
1,394
1,364
1,351
1,312
1,301
1,291
1,228
Distinct CVEs that include each product in their
CPE configuration.
Top CWEs (24 mo)
855
499
433
276
270
194
175
120
104
102
Distinct CVEs assigned each weakness.
Recent CISA KEV adds (last 12 months)
| Added | CVE | Product | KEV name |
|---|---|---|---|
| 2026-05-20 | CVE-2026-41091 | Defender | Microsoft Defender Link Following Vulnerability |
| 2026-05-20 | CVE-2026-45498 | Defender | Microsoft Defender Denial of Service Vulnerability |
| 2026-05-15 | CVE-2026-42897 | Microsoft | Microsoft Exchange Server Cross-Site Scripting Vulnerability |
| 2026-04-28 | CVE-2026-32202 | Windows | Microsoft Windows Protection Mechanism Failure Vulnerability |
| 2026-04-22 | CVE-2026-33825 | Defender | Microsoft Defender Insufficient Granularity of Access Control Vulnerability |
| 2026-04-14 | CVE-2026-32201 | SharePoint Server | Microsoft SharePoint Server Improper Input Validation Vulnerability |
| 2026-04-13 | CVE-2025-60710 | Windows | Microsoft Windows Link Following Vulnerability |
| 2026-03-18 | CVE-2026-20963 | SharePoint | Microsoft SharePoint Deserialization of Untrusted Data Vulnerability |
| 2026-02-12 | CVE-2024-43468 | Configuration Manager | Microsoft Configuration Manager SQL Injection Vulnerability |
| 2026-02-10 | CVE-2026-21510 | Windows | Microsoft Windows Shell Protection Mechanism Failure Vulnerability |
| 2026-02-10 | CVE-2026-21513 | Windows | Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability |
| 2026-02-10 | CVE-2026-21514 | Office | Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability |
| 2026-02-10 | CVE-2026-21519 | Windows | Microsoft Windows Type Confusion Vulnerability |
| 2026-02-10 | CVE-2026-21525 | Windows | Microsoft Windows NULL Pointer Dereference Vulnerability |
| 2026-02-10 | CVE-2026-21533 | Windows | Microsoft Windows Improper Privilege Management Vulnerability |
| 2026-01-26 | CVE-2026-21509 | Office | Microsoft Office Security Feature Bypass Vulnerability |
| 2026-01-13 | CVE-2026-20805 | Windows | Microsoft Windows Information Disclosure Vulnerability |
| 2025-12-09 | CVE-2025-62221 | Windows | Microsoft Windows Use After Free Vulnerability |
| 2025-11-12 | CVE-2025-62215 | Windows | Microsoft Windows Race Condition Vulnerability |
Filtered to KEV rows where the CISA vendor name matches this vendor,
to drop cross-OS noise (e.g. third-party Windows apps that CPE-map to
Microsoft).
LLM-credited CVEs from this vendor
| Published | CVE | LLM family | Model(s) |
|---|---|---|---|
| 2026-05-28 | CVE-2026-10000 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10001 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10002 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10003 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10004 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10006 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10007 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10009 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10012 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10013 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10015 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10016 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10018 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10019 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10021 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10022 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9873 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9874 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9877 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9878 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9879 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9880 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9882 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9883 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9887 | openai | OpenAI |
From
mythos_attributed_cves: CVEs whose NVD description
or vendor advisory credits an LLM-assisted discovery. Confidence is
high for every row.
Generated 19 June 2026 13:18 UTC <span class="time-ago" data-iso="2026-06-19T13:18:30Z"></span>.