153 matches found
PT-2026-38582
Name of the Vulnerable Software and Affected Versions Azure Cloud Shell affected versions not specified Description Improper neutralization of special elements used in a command allows an unauthorized attacker to perform command injection, which can enable network-based spoofing attacks...
Microsoft Azure Cloud Shell 命令注入漏洞
Microsoft Azure Cloud Shell is a browser-based cloud command-line environment developed by Microsoft Corporation. There is a command injection vulnerability in Microsoft Azure Cloud Shell, which stems from improper neutralization of special elements in commands. This vulnerability could allow...
KLA91030 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azur...
CVE-2026-21515
Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network...
Making opportunistic cyberattacks harder by design
This is part of a series of blogs and interviews conducted with our Microsoft Deputy CISOs , in which we surface a number of mission-critical security recommendations and best practices that businesses can enact right now and derive real meaningful benefits from. In this article, Ilya Grebnov,...
MAL-2026-2831 Malicious code in azure-ai-agentserver-githubcopilot (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5302d683e413611c8a5f1bcfb18c19e34353a50c1d4450546b284197bab5a6f7 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...
GHSA-G4VW-3HQ5-Q7GR vulnerabilities
Vulnerabilities for packages: linux-vmware, linux-aws, linux-azure, linux-gcp, linux-qemu...
CVE-2026-23210 vulnerabilities
Vulnerabilities for packages: linux-vmware, linux-aws, linux-azure, linux-gcp, linux-qemu...
CVE-2026-23226 vulnerabilities
Vulnerabilities for packages: linux-vmware, linux-aws, linux-azure, linux-gcp, linux-qemu...
CVE-2026-32211 Azure MCP Server Information Disclosure Vulnerability
...
Beyond the Badge: What Achieving Microsoft’s Certified Software Designation Means for Your Cloud Security
Verified by Microsoft. Built for Azure. Secured by Wiz...
CVE-2026-32169
Server-side request forgery ssrf in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network...
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language. Experts say the wip...
EUVD-2026-13204
Server-side request forgery ssrf in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-32169
Server-side request forgery ssrf in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-32169 Azure Cloud Shell Elevation of Privilege Vulnerability
...
CVE-2026-32169
Azure Cloud Shell contains a server-side request forgery (SSRF) vulnerability (CVE-2026-32169) that could allow an unauthenticated attacker to elevate privileges over a network. The CVSS v3.1 base score is 10.0 (CRITICAL) with network attack vector, low complexity, no privileges required, no user...
CVE-2026-32169 Azure Cloud Shell Elevation of Privilege Vulnerability
...
Azure Cloud Shell Elevation of Privilege Vulnerability
Server-side request forgery ssrf in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network...
PT-2026-26363
Name of the Vulnerable Software and Affected Versions Azure Cloud Shell affected versions not specified Description A server-side request forgery SSRF issue exists in Azure Cloud Shell. This allows an unauthorized attacker to elevate privileges over a network. Server-side request forgery is a web...