VYPR

Azure Arc

by Microsoft

CVEs (5)

  • CVE-2026-24302HigFeb 5, 2026
    risk 0.56cvss 8.6epss 0.02

    Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2025-55316Sep 9, 2025
    risk 0.00cvss epss 0.00

    External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally.

  • CVE-2025-26627Mar 11, 2025
    risk 0.00cvss epss 0.01

    Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally.

  • CVE-2022-38007Sep 13, 2022
    risk 0.00cvss epss 0.01

    Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability

  • CVE-2019-0804Apr 9, 2019
    risk 0.00cvss epss 0.05

    An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'.