| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-21515 | Azure IoT Central Elevation of Privilege Vulnerability | Microsoft | Azure IOT Central | Critical | 9.9 | 2026-04-24 12:51:34 | Deep Dive |
| CVE-2026-32952 | go-ntlmssp NTLM challenges can panic on malformed payloads | Azure | go-ntlmssp | Medium | 5.3 | 2026-04-24 01:46:32 | Deep Dive |
| CVE-2026-32176 | SQL Server Elevation of Privilege Vulnerability | Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) | Medium | 6.7 | 2026-04-14 16:58:32 | Deep Dive |
| CVE-2026-32171 | Azure Logic Apps Elevation of Privilege Vulnerability | Microsoft | Azure Logic Apps | High | 8.8 | 2026-04-14 16:58:31 | Deep Dive |
| CVE-2026-32192 | Azure Monitor Agent Elevation of Privilege Vulnerability | Microsoft | Azure Monitor | High | 7.8 | 2026-04-14 16:57:35 | Deep Dive |
| CVE-2026-32168 | Azure Monitor Agent Elevation of Privilege Vulnerability | Microsoft | Azure Monitor | High | 7.8 | 2026-04-14 16:57:31 | Deep Dive |
| CVE-2026-32167 | SQL Server Elevation of Privilege Vulnerability | Microsoft | Microsoft SQL Server 2016 Service Pack 3 (GDR) | Medium | 6.7 | 2026-04-14 16:57:30 | Deep Dive |
| CVE-2026-32211 | Azure MCP Server Information Disclosure Vulnerability | Microsoft | Azure Web Apps | Critical | 9.1 | 2026-04-02 23:27:02 | Deep Dive |
| CVE-2026-32173 | Azure SRE Agent Information Disclosure Vulnerability | Microsoft | Azure SRE Agent Gateway - SignalR Hub | High | 8.6 | 2026-04-02 23:27:00 | Deep Dive |
| CVE-2026-33105 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | Microsoft | Azure Kubernetes Service | Critical | 10.0 | 2026-04-02 23:26:59 | Deep Dive |
| CVE-2026-26135 | Azure Custom Locations Resource Provider (RP) Elevation of Privilege Vulnerability | Microsoft | Azure Custom Locations Resource Provider | Critical | 9.6 | 2026-04-02 23:26:59 | Deep Dive |
| CVE-2026-33107 | Azure Databricks Elevation of Privilege Vulnerability | Microsoft | Azure Databricks | Critical | 10.0 | 2026-04-02 23:26:58 | Deep Dive |
| CVE-2026-32213 | Azure AI Foundry Elevation of Privilege Vulnerability | Microsoft | Azure AI Foundry | Critical | 10.0 | 2026-04-02 23:26:56 | Deep Dive |
| CVE-2026-23659 | Azure Data Factory Information Disclosure Vulnerability | Microsoft | Azure Data Factory | High | 8.6 | 2026-03-19 21:06:24 | Deep Dive |
| CVE-2026-23658 | Azure DevOps: msazure Elevation of Privilege Vulnerability | Microsoft | Azure DevOps: msazure | High | 8.6 | 2026-03-19 21:06:23 | Deep Dive |
| CVE-2026-32169 | Azure Cloud Shell Elevation of Privilege Vulnerability | Microsoft | Azure Cloud Shell | Critical | 10.0 | 2026-03-19 21:06:21 | Deep Dive |
| CVE-2026-32268 | Azure Blob Storage for Craft CMS Potential Sensitive Information Disclosure vulnerability | craftcms | azure-blob | 中危 | - | 2026-03-18 04:53:04 | Deep Dive |
| CVE-2026-26141 | Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability | Microsoft | Azure Automation Hybrid Worker Windows Extension | High | 7.8 | 2026-03-10 17:05:23 | Deep Dive |
| CVE-2026-26117 | Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability | Microsoft | Arc Enabled Servers - Azure Connected Machine Agent | High | 7.8 | 2026-03-10 17:05:21 | Deep Dive |
| CVE-2026-26118 | Azure MCP Server Tools Elevation of Privilege Vulnerability | Microsoft | Azure MCP Server Tools 1.0.0 (npm) | High | 8.8 | 2026-03-10 17:05:21 | Deep Dive |