News & Sicurezza

Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.

Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.

Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network.

Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.

Server-side request forgery (ssrf) in Azure Custom Locations Resource Provider (RP) allows an authorized attacker to elevate privileges over a network.

CVE ID :CVE-2026-32211 Published : April 3, 2026, 12:16 a.m. | 5 hours, 38 minutes ago Description :Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-32173 Published : April 3, 2026, 12:16 a.m. | 5 hours, 38 minutes ago Description :Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-33105 Published : April 3, 2026, 12:16 a.m. | 5 hours, 38 minutes ago Description :Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-26135 Published : April 3, 2026, 12:16 a.m. | 5 hours, 38 minutes ago Description :Server-side request forgery (ssrf) in Azure Custom Locations Resource Provider (RP) allows an authorized attacker to elevate privileges over a network. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-33107 Published : April 3, 2026, 12:16 a.m. | 5 hours, 38 minutes ago Description :Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate privileges over a network. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-32213 Published : April 3, 2026, 12:16 a.m. | 5 hours, 38 minutes ago Description :Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2022-4986 Published : April 2, 2026, 10:16 p.m. | 5 hours, 38 minutes ago Description :Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...