Microsoft Teams vulnerabilities: known CVEs & security history
Microsoft · Collaboration · 23 tracked CVEs · 1 actively exploited · updated June 2026 · what is a CVE? →
This is the full list of known vulnerabilities (CVEs) across all Microsoft Teams release lines — 23 in total, with 1 actively exploited in the wild. A CVE here doesn't mean your version is affected — check Microsoft Teams's current status and the safe version to run.
Known Microsoft Teams CVEs
Actively-exploited and most-severe first. Open any CVE for full details.
| CVE | Severity | CVSS | EPSS | Year |
|---|---|---|---|---|
| CVE-2023-4863⚡ exploited | high | 8.8 | 100% | 2023 |
| CVE-2026-33823 | critical | 9.6 | 1% | 2026 |
| CVE-2023-29330 | high | 8.8 | 2% | 2023 |
| CVE-2023-29328 | high | 8.8 | 2% | 2023 |
| CVE-2026-21535 | high | 8.2 | 1% | 2026 |
| CVE-2026-42835 | high | 8.1 | 1% | 2026 |
| CVE-2020-17091 | high | 7.8 | 2% | 2020 |
| CVE-2019-5922 | high | 7.8 | 5% | 2019 |
| CVE-2025-53783 | high | 7.5 | 1% | 2025 |
| CVE-2022-21965 | high | 7.5 | 3% | 2022 |
| CVE-2026-26133 | high | 7.1 | 0% | 2026 |
| CVE-2024-42004 | high | 7.1 | 1% | 2024 |
| CVE-2024-41145 | high | 7.1 | 1% | 2024 |
| CVE-2024-41138 | high | 7.1 | 1% | 2024 |
| CVE-2025-49737 | high | 7 | 0% | 2025 |
| CVE-2024-38197 | medium | 6.5 | 16% | 2024 |
| CVE-2023-24881 | medium | 6.5 | 2% | 2023 |
| CVE-2021-24114 | medium | 5.7 | 3% | 2021 |
| CVE-2020-10146 | medium | 5.7 | 2% | 2020 |
| CVE-2026-32185 | medium | 5.5 | 0% | 2026 |
| CVE-2024-21448 | medium | 5 | 1% | 2024 |
| CVE-2024-21374 | medium | 5 | 1% | 2024 |
| CVE-2025-49731 | low | 3.1 | 0% | 2025 |
Is my Microsoft Teams version affected?
The list above spans every release. To know whether your version is affected — and the minimum safe version to upgrade to — check it directly.
Check your Microsoft Teams version → · Monitor Microsoft Teams for new CVEs →
Microsoft Teams vulnerabilities — frequently asked
How many known vulnerabilities does Microsoft Teams have?
IsItPatched tracks 23 CVEs for Microsoft Teams, 1 of which is actively exploited (CISA KEV). 1 is critical-severity and 14 high-severity. These span every release line — what matters is whether the version you run is affected.
Does Microsoft Teams have any actively-exploited vulnerabilities?
Yes — 1 Microsoft Teams CVE is in CISA's Known Exploited Vulnerabilities catalog, meaning it is confirmed exploited in the wild. Patch it as a priority.
What is the most severe Microsoft Teams vulnerability?
Among tracked issues, CVE-2023-4863 (HIGH, CVSS 8.8), which is actively exploited, ranks highest — a Out-of-bounds write weakness.
Is Microsoft Teams safe to use?
It depends on the version. The latest supported Microsoft Teams release clears the known issues; older versions may still be affected. Check the exact version you run for a verdict.
CVE data aggregated from NVD, CISA KEV and EPSS (FIRST.org). Related: Microsoft Teams security status · Microsoft Teams end-of-life · actively-exploited CVEs. Always verify against Microsoft's advisories — see our disclaimer.