Product

Azure Entra ID

2 briefs RSS

CVE-2026-23663: Azure Entra ID Improper Privilege Management Vulnerability

CVE-2026-23663 is a privilege escalation vulnerability in Azure Entra ID that allows an unauthorized attacker to elevate privileges over a network.

Azure Entra ID privilege-escalation cloud azure

2r 1t 1c 3w ago

medium advisory

CVE-2026-40379 Microsoft Enterprise Security Token Service (ESTS) Spoofing Vulnerability

2 rules 1 TTP

CVE-2026-40379 is a spoofing vulnerability in Microsoft Enterprise Security Token Service (ESTS) where exposure of sensitive information in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network.

Enterprise Security Token Service +1 entra_id spoofing cloud

2r 1t May 7, 2026