Home / Vulnerability Intelligence / CVE-2026-21536

CVE-2026-21536 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: March 5, 2026

Published: March 5, 2026Updated: March 5, 2026Remote Exploitable

Overview

Microsoft Devices Pricing Program Remote Code Execution Vulnerability

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 39.9%(Probability of exploitation in next 30 days)

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21536

Social Media Activity(1 post)

Vito Botta

@vitobotta

Apr 3, 2026

XBOW autonomous AI found 3 critical RCEs in Microsoft Cloud - first time AI discovered production vulnerabilities without source code access. CVE-2026-21536 was flagged as one of March Patch Tuesday's most severe issues. The arms race between researchers and hackers has shifted.

View original post

Related Resources

Details

CVE ID: CVE-2026-21536
Severity: Critical
CVSS Score: 9.8
Status: new
EPSS: 39.9%
Social Posts: 1

CWE

CWE-434

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

39.9%Probability of exploitation in the next 30 days