Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

CVE-2026-42823: Azure Logic Apps Privilege Elevation Over Network

CVE-2026-42823

Summary

Azure Logic Apps has a security issue that allows authorized users to gain more access than they should over a network. This means that an attacker who is already authorized could potentially do more harm than they should. To stay safe, make sure to follow best practices for access control and keep your Azure Logic Apps up to date with the latest security patches.

Original title

Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

Original description

Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

nvd CVSS3.1 9.9

Vulnerability type

CWE-284 Improper Access Control

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42823

Published: 12 May 2026 · Updated: 28 May 2026 · First seen: 13 May 2026