Improper Authentication Vulnerability in Azure Active Directory by Microsoft
CVE-2026-45480

10CRITICAL

Key Information:

Vendor: Microsoft
Status: Azure Active Directory
Vendor: CVE Published:; 19 June 2026

What is CVE-2026-45480?

An improper authentication vulnerability in Azure Active Directory allows an unauthorized user to gain elevated privileges within a network. Attackers could exploit this flaw to bypass normal authentication processes, potentially leading to unauthorized access to sensitive data and resources. Organizations using Azure Active Directory should review their security practices and apply the latest updates as recommended by Microsoft to mitigate the risk posed by this vulnerability.

Affected Version(s)

Azure Active Directory -

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2026
Vulnerability Reserved
May 12, 2026

CVE-2026-45480 Data

JSON