Information Disclosure Vulnerability in Microsoft Teams for Android
CVE-2026-42835

8.1HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
9 June 2026

What is CVE-2026-42835?

An information disclosure vulnerability exists in Microsoft Teams for Android that arises from improper neutralization of special elements in output used by a downstream component. This flaw can be exploited by an authorized attacker to disclose sensitive information over the network, potentially compromising user data and privacy. It is essential for users to be aware of this vulnerability and apply any relevant patches from Microsoft to ensure the security of their communications.

Affected Version(s)

Microsoft Teams for Android 1.0.0 < 1.0.76.2026111302

References

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.