CVE Catalog

CVE-2026-40411

Critical
Published: Translated: NVD NIST

Summary

Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network.

Risk Assessment

An attacker with appropriate permissions could exploit this vulnerability to execute code remotely, potentially leading to serious security breaches.

Recommendation

It is recommended to conduct a security audit and update Azure components to mitigate this vulnerability.

Original NVD description (English source)

Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS