Power Automate For Desktop

power_automate_for_desktop

Vendor: Microsoft • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-40374 1Microsoft 1Power Automate For Desktop Jun 17, 2026 May 12, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network.
CVE-2025-47966 1Microsoft 1Power Automate For Desktop Jun 17, 2026 Jun 5, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-29817 1Microsoft 1Power Automate For Desktop Jun 17, 2026 Apr 15, 2025 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.
CVE-2025-21187 1Microsoft 1Power Automate For Desktop Jun 17, 2026 Jan 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Microsoft Power Automate Remote Code Execution Vulnerability