Microsoft Azure Cloud Shell — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Azure Cloud Shell, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-32169 — CVSS 10.0 (critical): Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-35428 — CVSS 9.6 (critical): Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to…