Microsoft Azure Active Directory — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Azure Active Directory, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-45480 — CVSS 10.0 (critical): Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.
CVE-2021-42306 — CVSS 8.1 (high): An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an…