Azure Databricks: Unauthenticated Network Access from Application

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

10.0

Azure Databricks: Unauthenticated Network Access from Application

CVE-2026-33107

Summary

An attacker can use Azure Databricks to access and control systems on your network without permission. This could allow them to steal data, disrupt operations, or install malware. To protect your company, update Azure Databricks to the latest version and ensure all users have strong, unique login credentials.

Original title

Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate privileges over a network.

Original description

Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate privileges over a network.

nvd CVSS3.1 10.0

Vulnerability type

CWE-918 Server-Side Request Forgery (SSRF)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33107

Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026