azure application gateway (microsoft) — Vulnerabilities

Signals

Monitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real timeMonitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real time

Vendors · microsoft · azure application gateway

azure application gateway

· 2 Criticalmicrosoft · 2 known vulnerabilities

Total

Critical

High

Medium

CISA KEV

CVE-2025-64657CRITICAL 9.8

Nov 25, 2025

Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-64656CRITICAL 9.4

Nov 25, 2025

Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges over a network.

All microsoft products All Vendors CVE Database KEV Catalog