VYPR
Critical severity10.0NVD Advisory· Published May 22, 2026· Updated May 27, 2026

CVE-2026-23652

CVE-2026-23652

Description

Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to execute code over a network.

Affected products

2
  • cpe:2.3:a:microsoft:power_pages:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:power_pages:-:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.