Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

CVE-2026-33109: Unauthorized Code Execution in Azure Managed Cassandra

CVE-2026-33109

Summary

An authorized user with access to Azure Managed Instance for Apache Cassandra can potentially execute malicious code over a network. This could allow the attacker to access sensitive data or disrupt the service. Azure has addressed this issue, so it's essential to update your managed instance to the latest version to ensure your data remains secure.

Original title

Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.

Original description

Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.

nvd CVSS3.1 9.9

Vulnerability type

CWE-284 Improper Access Control

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33109

Published: 7 May 2026 · Updated: 31 May 2026 · First seen: 7 May 2026