CVE Catalog

CVE-2026-42901

Critical
Published: Translated: NVD NIST

Summary

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.

Risk Assessment

The organization may be exposed to unauthorized access to resources and the potential for privilege escalation by an attacker.

Recommendation

It is recommended to update Microsoft Entra ID and implement additional security measures to mitigate the risk.

Original NVD description (English source)

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS