CVE-2026-32168 — CVSS 7.8 (high): Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-32192 — CVSS 7.8 (high): Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-32204 — CVSS 7.8 (high): External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2025-47988 — CVSS 7.5 (high): Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an…
CVE-2025-59504 — CVSS 7.3 (high): Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally.
CVE-2025-59285 — CVSS 7.0 (high): Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-42830 — CVSS 6.5 (medium): Untrusted search path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.