System Center Operations Manager 2019 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-20967	1 Microsoft	4 System Center Operations Manager, System Center Operations Manager 2019, System Center Operations Manager 2022 and 1 more	2026-03-19	8.8 High
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.
CVE-2025-27743	1 Microsoft	20 System Center Data Protection Manager, System Center Data Protection Manager 2019, System Center Data Protection Manager 2022 and 17 more	2026-02-13	7.8 High
Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.

Page 1 of 1.