EUVD-2026-31522

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...

EUVD-2026-31514

Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...

Microsoft Azure Privileged Identity Management 安全漏洞

Microsoft Azure Privileged Identity Management is a cloud-based privilege account and permission lifecycle management service provided by Microsoft. There is a security vulnerability in Microsoft Azure Privileged Identity Management, which stems from bypassing authorization through user-controlle...

PT-2026-42842

Name of the Vulnerable Software and Affected Versions Azure Privileged Identity Management PIM affected versions not specified Description An authorization bypass exists due to a user-controlled key, which allows an authorized attacker to elevate privileges over a network. Recommendations At the...

CVE-2026-35438

Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network...

CVE-2026-41613

Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

Azure Logic Apps Elevation of Privilege Vulnerability

Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network...

openSUSE 16 Security Update : MozillaThunderbird (openSUSE-SU-2026:20664-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20664-1 advisory. Changes in MozillaThunderbird: - Mozilla Thunderbird 140.10.0 ESR Newly translated strings were not available in Thunderbird MFSA 2026-34...

Azure AI Foundry Elevation of Privilege Vulnerability

Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...

CVE-2026-26119

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network...

CVE-2026-24306

Improper access control in Azure Front Door AFD allows an unauthorized attacker to elevate privileges over a network...

CVE-2026-20934

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

CVE-2026-20848

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

Windows HTTP.sys Elevation of Privilege Vulnerability

Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network...

Microsoft SQL Server Elevation of Privilege Vulnerability

Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network...

Azure Application Gateway Elevation of Privilege Vulnerability

Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-60704

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network...

Azure Event Grid System Elevation of Privilege Vulnerability

Improper access control in Azure Event Grid allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-49708

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network...

EUVD-2025-24368

Malicious code in bioql PyPI...