Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
MicrosoftAuthenticator

3 matches found

CVE
CVEadded 2024/03/12 4:57 p.m.474 views

CVE-2024-21390

CVE-2024-21390 concerns a local elevation-of-privilege in the Microsoft Authenticator app. The available sources consistently identify the affected software as the Microsoft Authenticator (MSA) mobile app and describe an attacker needing prior access on the device to exploit the issue. Microsoft’...

7.1CVSS7AI score0.01103EPSS
CVE
CVEadded 2026/03/10 7:1 p.m.66 views

CVE-2026-26123

Summary: CVE-2026-26123 affects Microsoft Authenticator for iOS and Android. A malicious app on the same device could intercept sign-in flows by hijacking deep links/QR-based sign-ins, potentially exposing one-time codes and allowing account takeover, bypassing MFA protections. The vulnerability ...

5.5CVSS5.7AI score0.00051EPSS
CVE
CVEadded 2026/05/14 5:0 p.m.13 views

CVE-2026-41615

CVE-2026-41615 affects Microsoft Authenticator. The available documents identify an information disclosure vulnerability that could allow an unauthorized network actor to exfiltrate sensitive data from the Microsoft Authenticator component. The CVSS 3.1 score is 9.6 (CRITICAL) with Network attack...

9.6CVSS5.8AI score0.0006EPSS