VYPR

Entra ID

by Microsoft

CVEs (7)

  • CVE-2026-42901CriMay 22, 2026
    risk 0.65cvss 10.0epss 0.00

    Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2026-35431CriApr 23, 2026
    risk 0.65cvss 10.0epss 0.01

    Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-40379CriMay 12, 2026
    risk 0.60cvss 9.3epss 0.01

    Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-33843CriMay 22, 2026
    risk 0.59cvss 9.1epss 0.00

    Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2026-23663HigMay 22, 2026
    risk 0.49cvss 7.5epss 0.01

    Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2024-21401Feb 13, 2024
    risk 0.00cvss epss 0.01

    Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability

  • CVE-2024-21381Feb 13, 2024
    risk 0.00cvss epss 0.00

    Microsoft Azure Active Directory B2C Spoofing Vulnerability