Azure security advisories
6 threat alerts tracking vulnerabilities and security advisories that affect Azure products.
Vulnios monitors Azure CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent Azure security news in one place, or click into an individual alert for full detail.
CVE-2026-35435 Azure AI Foundry Elevation of Privilege Vulnerability
Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.
criticalCVE-2026-35435CVE-2026-32207 Azure Machine Learning Notebook Spoofing Vulnerability
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.
criticalCVE-2026-32207CVE-2026-41105 Azure Monitor Action Group Notification System Elevation of Privilege Vulnerability
Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
criticalCVE-2026-41105CVE-2026-42826 Azure DevOps Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.
criticalCVE-2026-42826CVE-2026-35428 Azure Cloud Shell Spoofing Vulnerability
Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network.
criticalCVE-2026-35428CVE-2026-42151 Prometheus Azure AD remote write OAuth client secret exposed via config API
criticalCVE-2026-42151
Track Azure exposure across your environment
Vulnios automatically cross-references your asset inventory against new Azure CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan