123 matches found
EUVD-2026-41442
Server-side request forgery ssrf in Microsoft Entra Provisioning Service SyncFabric allows an authorized attacker to elevate privileges over a network...
CVE-2026-57100
Technical details on affected products/versions, root cause, exploit scenarios, or mitigations are not publicly provided in the supplied documents. Monitor official sources for updates.
CVE-2026-57100 Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability
...
PT-2026-55321
Name of the Vulnerable Software and Affected Versions Microsoft Entra Provisioning Service SyncFabric affected versions not specified Description Server-side request forgery SSRF in the Microsoft Entra Provisioning Service SyncFabric allows an authorized attacker to elevate privileges over a...
CVE-2026-42525
Jenkins Microsoft Entra ID previously Azure AD Plugin 666.v6060de32f87d and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks...
CVE-2026-42901
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-42901
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-42901 Microsoft Entra ID Elevation of Privilege Vulnerability
...
CVE-2026-42901 Microsoft Entra ID Elevation of Privilege Vulnerability
...
CVE-2026-42901
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...
EUVD-2026-31522
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-42901
CVE-2026-42901 affects Microsoft Entra ID. AOrigin validation error allows an unauthenticated attacker to elevate privileges over a network. Metrics indicate a CRITICAL impact (CVSSv3.1: 10.0, AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) with network-based access, no user interaction, and a changed scope...
Microsoft recognized as a Leader in The Forrester Wave™ for Workforce Identity Security Platforms
Identity is the backbone of modern cybersecurity. Every access decision carries risk, across employees, partners, devices, workloads, and an expanding set of AI-powered agents. But most organizations are still operating across disparate systems. Identity signals are captured in one place, access...
Microsoft Entra ID 访问控制错误漏洞
Microsoft Entra ID is a cloud-based identity and management solution provided by Microsoft Corporation. There is an access control vulnerability in Microsoft Entra ID, which stems from a source verification error. This vulnerability could allow unauthorized attackers to escalate their privileges...
Microsoft Entra 安全漏洞
Microsoft Entra is an identity and access management system developed by the American company Microsoft. There is a security vulnerability in Microsoft Entra, which stems from using alternative paths or channels to bypass authentication. This could allow unauthorized attackers to gain elevated...
PT-2026-42849
Name of the Vulnerable Software and Affected Versions Microsoft Entra ID affected versions not specified Description An origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about ...
Microsoft Entra ID Elevation of Privilege Vulnerability
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...
KLA91067 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Entra ID can be...
CVE-2026-42177
linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter is Platform.SSOURL + "/", i.e. "https://login.microsoftonline.com/". Chrome's urlFilter without a |...
UBUNTU-CVE-2026-42177
linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter is Platform.SSOURL + "/", i.e. "https://login.microsoftonline.com/". Chrome's urlFilter without a |...