CVE-2026-26125 Payment Orchestrator Service Elevation of Privilege Vulnerability

...

CVE-2026-26125

CVE-2026-26125 describes an elevation of privilege vulnerability affecting the Payment Orchestrator Service. The PT-2026-23573 entry confirms a privilege-escalation issue with Payment Orchestrator Service but does not specify affected versions. Multiple sources label this as a Microsoft product i...

CVE-2026-26125 Payment Orchestrator Service Elevation of Privilege Vulnerability

...

Payment Orchestrator Service Elevation of Privilege Vulnerability

...

KLA90914 PE vulnerability in Microsoft Payment Orchestrator Service

An elevation of privilege vulnerability was found in Microsoft Payment Orchestrator Service. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-26125 Exploitation CVE list CVE-2026-26125 critical KB list Solution Install necessary updates from the KB...

CVE-2025-37184

A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements. Successful exploitation could allow an attacker to create an admin user account without the necessary multi-factor authentication, thereby...

CVE-2025-37184

A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements. Successful exploitation could allow an attacker to create an admin user account without the necessary multi-factor authentication, thereby...

CVE-2025-37184

A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements. Successful exploitation could allow an attacker to create an admin user account without the necessary multi-factor authentication, thereby...

CVE-2025-37184 Unauthenticated Bypass Allows Multi-Factor Authentication Circumvention

A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements. Successful exploitation could allow an attacker to create an admin user account without the necessary multi-factor authentication, thereby...

CVE-2025-37184 Unauthenticated Bypass Allows Multi-Factor Authentication Circumvention

A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements. Successful exploitation could allow an attacker to create an admin user account without the necessary multi-factor authentication, thereby...

CVE-2025-37184

CVE-2025-37184 affects an Orchestrator service. The issue is an unauthenticated remote bypass of multi-factor authentication, enabling an attacker to create an admin user account and potentially compromise secured access. The public documents consistently describe the vulnerability without listin...

PT-2026-2914

A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements. Successful exploitation could allow an attacker to create an admin user account without the necessary multi-factor authentication, thereby...

EUVD-2020-9029

Malware in sbrugna...

EUVD-2020-9031

Malware in sbrugna...

EUVD-2020-2336

Malware in sbrugna...

EUVD-2020-9028

Malware in sbrugna...

EUVD-2023-36328

Malicious code in bioql PyPI...

PT-2024-19160 · Veeam · Veeam Recovery Orchestrator

Name of the Vulnerable Software and Affected Versions: Veeam Recovery Orchestrator affected versions not specified Description: The issue allows a user with a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service. Recommendations: At the...

CVE-2023-32041

Windows Update Orchestrator Service Information Disclosure Vulnerability...

CVE-2023-32041

Windows Update Orchestrator Service Information Disclosure Vulnerability...