Microsoft security patch tracker

Search Microsoft security patches by KB article and see the CVEs each one fixes, the highest severity it addresses, and whether any of those CVEs are actively exploited in the CISA KEV catalog. Built from the same Microsoft Security Response Center feed Siemserva by Senserva uses to rank missing patches.

Looking for a specific vulnerability instead of a patch? See the Microsoft CVE reference. Each CVE listed below links straight to its entry there.

Patch data refreshed from MSRC + CISA KEV. Last updated 15 June 2026.

How patches map to CVEs

Microsoft ships security fixes as KB (Knowledge Base) updates. A single KB usually fixes several CVEs, and a single CVE can be fixed by different KBs across product versions. This tracker pivots Microsoft's Security Update Guide so you can start from the patch: pick a KB, see every CVE it closes, and jump to the CVE reference for the scoring and exploitation detail.

Inside your own environment, Siemserva by Senserva reports which of these KBs are actually missing on your devices, enriched with CVSS, CISA KEV, and EPSS, and ranks them by real-world risk. See how the ranking works.

Find missing patches in your own environment

Siemserva reports the KBs and CVEs missing across your Microsoft estate, enriches each from MSRC, CISA KEV, and EPSS, and ranks them by real-world risk. Run the demo free, no registration, no access to your tenant.

Download and go, free