AWS, Azure, Google Cloud Platform Vulnerability datasets gethered on 2025 May

The vulnerability datasets used in this study were collected from official and publicly available sources as of May 2025. For AWS and GCP, vulnerability information was retrieved from their respective security bulletin portals (AWS: https:\/\/aws.amazon.com\/security\/security-bulletins, GCP: https:\/\/cloud.google.com\/support\/bulletins).In the case of MSA, direct and systematic extraction of vulnerability data was not feasible due to the lack of a publicly accessible, structured bulletin format. Therefore, we utilized the third-party vulnerability database (https:\/\/www.cvedetails. com), employing its advanced search interface to isolate Azure-specific vulnerabilities. Specifically, we set the vendor and product fields to Microsoft and Azure respectively. This search yielded 122 Azure-related product entries with a total of 378 vulnerability records, including duplicates. The dataset was then refined by filtering out non-unique CVE entries.The final dataset comprises unique CVE identifiers for each cloud service provider as follows: AWS (122 entries), MSA (319 entries), and GCP (264 entries).