CVE-2026-41094 | Microsoft Data Formulator prior 0.7 code injection

May 12, 2026 Yanac

A vulnerability identified as critical has been detected in Microsoft Data Formulator. This affects an unknown part. This manipulation causes code injection.

This vulnerability is handled as CVE-2026-41094. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-41095 | Microsoft Windows Server 2012 R2 up to Server 2022 23H2 Data Deduplication use after free
CVE-2026-41089 | Microsoft Windows Server 2012 up to Server 2022 23H2 Netlogon stack-based overflow