Search CVEs

Top 20 matches Showing top matches — use filters or a more specific query to narrow

CVE-2026-32174

HIGH CVSS 8.8

Find Similar

Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2025-30392

CRITICAL CVSS 9.8

Find Similar

Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2025-30389

CRITICAL CVSS 9.8

Find Similar

Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2026-45480

CRITICAL CVSS 10.0

Find Similar

Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2026-42822

CRITICAL CVSS 10.0

Find Similar

Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2025-21415

HIGH CVSS 8.8

Find Similar

Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2025-55244

CRITICAL CVSS 9.0

Find Similar

Azure Bot Service Elevation of Privilege Vulnerability

microsoft

CVE-2025-30390

HIGH CVSS 8.8

Find Similar

Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-40381

HIGH CVSS 7.8

Find Similar

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-35435

CRITICAL CVSS 10.0

Find Similar

Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2026-45490

HIGH CVSS 7.8

Find Similar

Improper authorization in .NET allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-47280

CRITICAL CVSS 9.8

Find Similar

Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2025-29827

HIGH CVSS 8.8

Find Similar

Improper authorization in Azure Automation allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2025-49746

HIGH CVSS 8.8

Find Similar

Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-42823

CRITICAL CVSS 9.9

Find Similar

Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-42834

HIGH CVSS 7.8

Find Similar

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-41086

HIGH CVSS 8.8

Find Similar

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-48584

CRITICAL CVSS 9.9

Find Similar

Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.

CVE-2026-42902

HIGH CVSS 7.8

Find Similar

Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2024-38139

HIGH CVSS 8.8

Find Similar

Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.

microsoft

Page 1+ Next →