power apps (microsoft) — Vulnerabilities

Vendors · microsoft · power apps

power apps

· 2 Criticalmicrosoft · 6 known vulnerabilities

Total

Critical

High

Medium

CISA KEV

CVE-2026-32172HIGH 8.0

Apr 23, 2026

Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network.

CVE-2026-26149CRITICAL 9.0

Apr 14, 2026

Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to perform spoofing over a network.

CVE-2026-20960HIGH 8.0

Jan 16, 2026

Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network.

CVE-2025-47733CRITICAL 9.1

May 8, 2025

Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network

CVE-2023-32052MEDIUM 5.4

Jul 11, 2023

Microsoft Power Apps (online) Spoofing Vulnerability

CVE-2023-32024LOW 3.0

Jun 14, 2023

Microsoft Power Apps Spoofing Vulnerability

All microsoft products All Vendors CVE Database KEV Catalog