CVE-2026: SSRF Vulnerabilities in Azure Services

CVE-2026: SSRF Vulnerabilities in Azure Services

First seen 10 Mar 2026, 17:28 UTC Api.Msrc.Microsoft 81% similarity 72.0

Article Content

Browse articles
ThreatCluster

Two critical server-side request forgery (SSRF) vulnerabilities have been identified in Azure services. The first allows authorized attackers to elevate privileges in Azure MCP Server, while the second enables unauthorized attackers to perform spoofing via Azure IoT Explorer. Both vulnerabilities pose significant risks to network security.

ThreatCluster AI

Timeline

2026-03-10
CVE-2026 published
2026-03-10
Microsoft releases advisory on vulnerabilities

Community

Browse all →