Every CVE whose affected-product data names Microsoft Azure Local, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-42822 — CVSS 10.0 (critical): Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-21228 — CVSS 8.1 (high): Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network.