Microsoft Power Apps Uncontrolled Search Path Element Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in Microsoft Power Apps. This issue arises from an uncontrolled search path element, which allows an unauthorized attacker to execute code over a network. The vulnerability affects several different versions of Power Apps.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected system.

Added: Apr 23, 2026, 11:11 PM

Updated: Apr 23, 2026, 11:11 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.4

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.4

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Power Apps Uncontrolled Search Path Element Remote Code Execution Vulnerability

Vulnerability

Impact

Affected Products

Microsoft Power Apps

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating