CVE-2026-41091

Known Exploited (CISA KEV)HIGH

7.6

CVSS Severity Score

EPSS Score42.7360%

EPSS Percentile86.52th

PublishedMay 20, 2026

Last ModifiedJun 12, 2026

Vulnerability Description

Microsoft Defender is vulnerable to Microsoft Defender Link Following Vulnerability. Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Platforms (CPE)

📦

Microsoft

Defender

Refer to description

Related Vulnerabilities

CVE-2021-4231110.0

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVE-2021-4231310.0

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVE-2026-454989.8

Microsoft Defender is vulnerable to Microsoft Defender Denial of Service Vulnerability. Apply mitigations per vendor instructions,...

CVE-2007-42909.8

Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code vi...