Microsoft Azure Synapse — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Azure Synapse, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-48584 — CVSS 9.9 (critical): Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.
CVE-2026-26145 — CVSS 4.8 (medium): Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.