Description
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, spoof user interface, execute arbitrary code, obtain sensitive information.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Microsoft ACI Confidential Containers can be exploited remotely to gain privileges.
- A spoofing vulnerability in Azure HDInsight can be exploited remotely to spoof user interface.
- A remote code execution vulnerability in Azure Local can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Azure SDK for Python can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Microsoft ACI Confidential Containers can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Azure IoT Explorer can be exploited remotely to obtain sensitive information.
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Related products
CVE list
- CVE-2026-21228 critical
- CVE-2026-21512 high
- CVE-2026-21522 high
- CVE-2026-21528 high
- CVE-2026-21529 high
- CVE-2026-21531 critical
- CVE-2026-23655 high
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!