Want to experience Microsoft Defender XDR? Learn more about how you can evaluate and pilot Microsoft Defender XDR.

Applies to:

  • Microsoft Defender XDR

The DeviceTvmSoftwareVulnerabilitiesKB table in the advanced hunting schema contains the list of vulnerabilities Microsoft Defender Vulnerability Management assesses devices for. Use this reference to construct queries that return information from the table.

For information on other tables in the advanced hunting schema, see the advanced hunting reference.

Column name Data type Description
CveId string Unique identifier assigned to the security vulnerability under the Common Vulnerabilities and Exposures (CVE) system
CvssScore string Severity score assigned to the security vulnerability under th Common Vulnerability Scoring System (CVSS)
IsExploitAvailable boolean Indicates whether exploit code for the vulnerability is publicly available
VulnerabilitySeverityLevel string Severity level assigned to the security vulnerability based on the CVSS score and dynamic factors influenced by the threat landscape
LastModifiedTime datetime Date and time the item or related metadata was last modified
PublishedDate datetime Date vulnerability was disclosed to public
VulnerabilityDescription string Description of vulnerability and associated risks
AffectedSoftware string List of all software products affected by the vulnerability


Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender XDR Tech Community.