Improper Input Validation in Azure Compute Gallery by Microsoft
CVE-2026-26147

7.7HIGH

Key Information:

Vendor: Microsoft
Status: Azure Stack Hci
Vendor: CVE Published:; 22 May 2026

What is CVE-2026-26147?

An input validation issue within Azure Compute Gallery has been identified, allowing an authorized attacker to potentially disclose sensitive information over a network. This vulnerability underscores the importance of robust input validation measures to safeguard against unauthorized data exposure.

Affected Version(s)

Azure Stack HCI -

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 22, 2026
Vulnerability Reserved
Feb 11, 2026

CVE-2026-26147 Data

JSON