CVE-2026-45108

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant DAG flow that allowed a user within the same Entra ID domain to obtain a local Unix...

SUSE CVE-2026-45108

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant DAG flow that allowed a user within the same Entra ID domain to obtain a local Unix...

CVE-2026-45108

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant DAG flow that allowed a user within the same Entra ID domain to obtain a local Unix...

EUVD-2026-32633

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant DAG flow that allowed a user within the same Entra ID domain to obtain a local Unix...

PT-2026-44079

Name of the Vulnerable Software and Affected Versions Himmelblau versions 2.0.0 through 3.1.4 Himmelblau versions prior to 2.3.11 Description An authentication bypass exists in the Device Authorization Grant DAG flow, which is a process allowing devices with limited input capabilities to be...

Himmelblau 安全漏洞

Himmelblau is an open-source Azure Entra ID authentication module developed by Himmelblau. Versions of Himmelblau from 2.0.0 to 3.1.5, as well as versions prior to 2.3.11, contained security vulnerabilities. These vulnerabilities stemmed from the tokenvalidate function, which did not verify wheth...