CVE-2026-21537
high
Microsoft CVSS v3 Base Score
8.8
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Vulnerability Report
Generated by CyberWatcher
Description
Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.
CWE
CWE-94Affected Products
Microsoft Microsoft Defender for Endpoint for Linux