Tag

Microsoft Teams

2 briefs RSS

CVE-2026-33823 Microsoft Teams Information Disclosure Vulnerability

CVE-2026-33823 is an information disclosure vulnerability in Microsoft Teams that allows an authorized attacker to disclose sensitive information over a network due to improper authorization.

Teams information-disclosure cloud microsoft-teams

1r 1t May 7, 2026

medium advisory

OpenClaw Microsoft Teams Plugin Sender Allowlist Bypass (CVE-2026-34506)

2 rules 2 TTPs 1 CVE

OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerability in its Microsoft Teams plugin, allowing unauthorized senders to bypass intended authorization checks due to improper handling of empty groupAllowFrom parameters, potentially leading to information disclosure.

cve-2026-34506 openclaw microsoft teams allowlist bypass

2r 2t 1c Mar 31, 2026