Azure Compute Gallery allows unauthorized privilege escalation

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.7

Azure Compute Gallery allows unauthorized privilege escalation

CVE-2026-23651

Summary

An attacker with authorized access to Azure Compute Gallery can exploit a vulnerable regular expression to gain elevated privileges on the system. This could allow the attacker to access sensitive data or perform unauthorized actions. To protect against this, ensure you keep your Azure Compute Gallery up to date with the latest security patches and follow best practices for access control and permissions.

Original title

Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.

Original description

Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 6.7

Vulnerability type

CWE-625

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23651

Published: 5 Mar 2026 · Updated: 14 Mar 2026 · First seen: 6 Mar 2026