Windows Active Directory Spoofing via Unauthenticated Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.2

Windows Active Directory Spoofing via Unauthenticated Access

CVE-2026-32072

Summary

Attackers can pretend to be a legitimate user on a local network by exploiting a weakness in Windows Active Directory authentication. This could allow them to access sensitive information or disrupt systems. Update your Active Directory settings to prevent unauthorized access.

Original title

Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.

Original description

Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.

nvd CVSS3.1 6.2

Vulnerability type

CWE-287 Improper Authentication

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32072

Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026