CVE Catalog

CVE-2026-40379

Critical
Published: Translated: NVD NIST

Summary

Azure Entra ID has an exposure of sensitive information that allows an unauthorized attacker to perform spoofing over a network.

Risk Assessment

The organization may be vulnerable to attacks that could lead to data theft or compromise of system integrity.

Recommendation

It is recommended to implement additional security measures such as access monitoring and security audits to minimize risk.

Original NVD description (English source)

Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS