๐Ÿ” CVE Alert

CVE-2026-23658

HIGH 8.6

Azure DevOps: msazure Elevation of Privilege Vulnerability

CVSS Score
8.6
EPSS Score
0.0%
EPSS Percentile
0th

Insufficiently protected credentials in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.

Vendor microsoft
Product azure devops: msazure
Ecosystems
Industries
TechnologyEnterprise
Published Mar 19, 2026
Last Updated Apr 14, 2026
Stay Ahead of the Next One

Get instant alerts for microsoft azure devops: msazure

Be the first to know when new high vulnerabilities affecting microsoft azure devops: msazure are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Microsoft / Azure DevOps: msazure
-

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
msrc.microsoft.com: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23658