Cyber Resilience

Microsoft Uses LLMs for vuln discovery

CPE vendor key: microsoft · 4,844 CVEs published in the last 24 months.

CVEs (365 d): 3,020 (▲ +368 vs prior 30d)
Avg CVSS (365 d): 7.35 (over 3,020 CVEs)
Avg EPSS pct (365 d): 0.28 (higher = more likely exploited)
KEV hit rate (365 d): 1.3% (39 of 3,020 added to CISA KEV)
LLM-credited CVEs: 89 (OpenAI 89)

Monthly CVE volume — last 24 months

[Chart: monthly CVE volume by calendar month, 2024 to 2026]
Each point is one calendar month. Bars in the severity card to the right slice the same volume by CVSS band.

Severity mix

[Chart legend: Crit / High / Med / Low]
Stacked by CVSS band (Critical / High / Medium / Low) using the best available metric per CVE.

Top affected products (24 mo)

windows: 2,183
windows_server_2022: 1,452
windows_server_2022_23h2: 1,410
windows_server_2019: 1,394
windows_11_23h2: 1,364
windows_11_24h2: 1,351
windows_server_2025: 1,312
windows_10_22h2: 1,301
windows_10_21h2: 1,291
windows_10_1809: 1,228
Distinct CVEs that include each product in their CPE configuration.

Top CWEs (24 mo)

CWE-416: 855
CWE-122: 499
CWE-125: 433
CWE-787: 276
CWE-20: 270
CWE-362: 194
CWE-284: 175
CWE-79: 120
CWE-200: 104
CWE-843: 102
Distinct CVEs assigned each weakness.

Recent CISA KEV adds (last 12 months)

Added | CVE | Product | KEV name
2026-05-20 | CVE-2026-41091 | Defender | Microsoft Defender Link Following Vulnerability
2026-05-20 | CVE-2026-45498 | Defender | Microsoft Defender Denial of Service Vulnerability
2026-05-15 | CVE-2026-42897 | Microsoft | Microsoft Exchange Server Cross-Site Scripting Vulnerability
2026-04-28 | CVE-2026-32202 | Windows | Microsoft Windows Protection Mechanism Failure Vulnerability
2026-04-22 | CVE-2026-33825 | Defender | Microsoft Defender Insufficient Granularity of Access Control Vulnerability
2026-04-14 | CVE-2026-32201 | SharePoint Server | Microsoft SharePoint Server Improper Input Validation Vulnerability
2026-04-13 | CVE-2025-60710 | Windows | Microsoft Windows Link Following Vulnerability
2026-03-18 | CVE-2026-20963 | SharePoint | Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
2026-02-12 | CVE-2024-43468 | Configuration Manager | Microsoft Configuration Manager SQL Injection Vulnerability
2026-02-10 | CVE-2026-21510 | Windows | Microsoft Windows Shell Protection Mechanism Failure Vulnerability
2026-02-10 | CVE-2026-21513 | Windows | Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability
2026-02-10 | CVE-2026-21514 | Office | Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability
2026-02-10 | CVE-2026-21519 | Windows | Microsoft Windows Type Confusion Vulnerability
2026-02-10 | CVE-2026-21525 | Windows | Microsoft Windows NULL Pointer Dereference Vulnerability
2026-02-10 | CVE-2026-21533 | Windows | Microsoft Windows Improper Privilege Management Vulnerability
2026-01-26 | CVE-2026-21509 | Office | Microsoft Office Security Feature Bypass Vulnerability
2026-01-13 | CVE-2026-20805 | Windows | Microsoft Windows Information Disclosure Vulnerability
2025-12-09 | CVE-2025-62221 | Windows | Microsoft Windows Use After Free Vulnerability
2025-11-12 | CVE-2025-62215 | Windows | Microsoft Windows Race Condition Vulnerability
Filtered to KEV rows where the CISA vendor name matches this vendor, to drop cross-OS noise (e.g. third-party Windows apps that CPE-map to Microsoft).

LLM-credited CVEs from this vendor

Published | CVE | LLM family | Model(s)
2026-05-28 | CVE-2026-10000 | openai | OpenAI
2026-05-28 | CVE-2026-10001 | openai | OpenAI
2026-05-28 | CVE-2026-10002 | openai | OpenAI
2026-05-28 | CVE-2026-10003 | openai | OpenAI
2026-05-28 | CVE-2026-10004 | openai | OpenAI
2026-05-28 | CVE-2026-10006 | openai | OpenAI
2026-05-28 | CVE-2026-10007 | openai | OpenAI
2026-05-28 | CVE-2026-10009 | openai | OpenAI
2026-05-28 | CVE-2026-10012 | openai | OpenAI
2026-05-28 | CVE-2026-10013 | openai | OpenAI
2026-05-28 | CVE-2026-10015 | openai | OpenAI
2026-05-28 | CVE-2026-10016 | openai | OpenAI
2026-05-28 | CVE-2026-10018 | openai | OpenAI
2026-05-28 | CVE-2026-10019 | openai | OpenAI
2026-05-28 | CVE-2026-10021 | openai | OpenAI
2026-05-28 | CVE-2026-10022 | openai | OpenAI
2026-05-28 | CVE-2026-9873 | openai | OpenAI
2026-05-28 | CVE-2026-9874 | openai | OpenAI
2026-05-28 | CVE-2026-9877 | openai | OpenAI
2026-05-28 | CVE-2026-9878 | openai | OpenAI
2026-05-28 | CVE-2026-9879 | openai | OpenAI
2026-05-28 | CVE-2026-9880 | openai | OpenAI
2026-05-28 | CVE-2026-9882 | openai | OpenAI
2026-05-28 | CVE-2026-9883 | openai | OpenAI
2026-05-28 | CVE-2026-9887 | openai | OpenAI
From mythos_attributed_cves: CVEs whose NVD description or vendor advisory credits an LLM-assisted discovery. Confidence is high for every row.

Generated 19 June 2026 13:18 UTC.