VYPR
Critical severity10.0NVD Advisory· Published May 22, 2026· Updated May 27, 2026

CVE-2026-42901

CVE-2026-42901

Description

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.

Affected products

2
  • cpe:2.3:a:microsoft:entra_id:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:entra_id:-:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.