Server-Side Request Forgery in Azure OpenAI by Microsoft
CVE-2026-45499
9.9CRITICAL
What is CVE-2026-45499?
A vulnerability exists in Azure OpenAI that allows an authorized attacker to exploit server-side request forgery (SSRF) mechanisms. By leveraging this flaw, an attacker could elevate their privileges and gain unauthorized access to sensitive network resources, potentially compromising the integrity and confidentiality of the affected system. Organizations utilizing Azure OpenAI are advised to implement the latest security patches and follow best practices to mitigate the risks associated with this vulnerability.
Affected Version(s)
Azure Open AI -