Export and API
Take the data with you. The table above has CSV and JSON export buttons for whatever you have filtered, and the full feed is published as a JSON file you can pull on a schedule. Everything is free to use.
curl -s https://senserva.com/api/microsoft-patches.json | jq '.patches[0]'
const feed = await fetch('https://senserva.com/api/microsoft-patches.json').then(r => r.json());
// actively-exploited updates, highest EPSS first
const urgent = feed.patches.filter(p => p.kev).sort((a, b) => b.epss - a.epss);
kb, date, products[], severity, cvss, kev, ransom, epss, kev_cves[], ransom_cves[], cves[], count.
/cve/CVE-2025-53770.html and /kb/5002759.html.Data sources
Every figure on this page is built from authoritative, public security feeds, refreshed automatically. The same feeds power Senserva's CVE and patch management inside your own tenant.
Every CVE in these Microsoft updates that is listed in the CISA Known Exploited Vulnerabilities catalog is ranked by EPSS exploit probability. Each row in the table above shows the Microsoft KBs that fix it and links to full CVE detail.
What these mean, and why they matter
Patch and vulnerability tools Senserva complements
Senserva does not deploy patches. It reports and ranks the missing patches and CVEs across your Microsoft 365, Intune, Defender, and Entra ID estate by real-world risk (CISA KEV and EPSS), and works alongside the patch, RMM, and vulnerability tools you already run. See how Senserva compares with, and complements, each:
Microsoft's MSRC Update Guide is the authoritative list of what shipped. This adds the prioritization and context it does not.
- Ranked by CISA KEV first, then EPSS exploit probability, then Severity, with actively-exploited and ransomware flags surfaced.
- Monthly volume-by-Severity and a risk trend, a product-family heatmap, and CSV export.
- Each CVE links to an enriched per-CVE page, or jump to the full CVE reference.
- With Senserva: which of these are missing on your devices, with validated approve-before-apply remediation.