Microsoft Azure Machine Learning — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Azure Machine Learning, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2025-49746 — CVSS 9.9 (critical): Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
CVE-2025-49747 — CVSS 9.9 (critical): Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
CVE-2026-32207 — CVSS 8.8 (high): Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized…
CVE-2026-33833 — CVSS 8.2 (high): Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an…
CVE-2025-47995 — CVSS 6.5 (medium): Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.