Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

CVE-2026-35435: Azure AI Foundry M365 Agents Privilege Elevation Risk

CVE-2026-35435

Summary

Unauthorized access to Azure AI Foundry M365 agents could allow attackers to gain elevated network privileges. This affects the security of your network and data. Update your agents to the latest version to mitigate this risk.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions
microsoft	azure_ai_foundry	All versions `cpe:2.3:a:microsoft:azure_ai_foundry:-:::::::*`

Original title

Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.

Original description

Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.

nvd CVSS3.1 8.6

Vulnerability type

CWE-284 Improper Access Control

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35435

Published: 7 May 2026 · Updated: 2 Jun 2026 · First seen: 7 May 2026