Critical severity10.0NVD Advisory· Published May 18, 2026· Updated May 21, 2026
CVE-2026-42822
CVE-2026-42822
Description
Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.
Affected products
3cpe:2.3:a:microsoft:azure_local:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:azure_local:*:*:*:*:*:*:*:*range: <2604.2.25645
- (no CPE)
- cpe:2.3:a:microsoft:azure_resource_manager:-:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42822nvdVendor Advisory
News mentions
0No linked articles in our index yet.