Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3258 articles · 170413 vulns · 37/41 feeds (7d)
← Back to list
9.9
CVE-2026-45499PATCHED
microsoft · azure open ai

Azure OpenAI Elevation of Privilege Vulnerability

Description

Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

Affected Products

VendorProductVersions
microsoftazure open ai-

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
microsoftazurecert_advisory90%
microsoftentracert_advisory90%

References

  • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45499(vendor-advisory, patch)

Related News (3 articles)

Tier B
BSI Advisories14h ago
[NEU] [hoch] Microsoft Azure und Entra: Mehrere Schwachstellen ermöglichen Privilegieneskalation
→ No new info (linked only)
Tier C
VulDB16h ago
CVE-2026-45499 | Microsoft Azure Open AI server-side request forgery
→ No new info (linked only)
Tier A
Microsoft MSRC1d ago
CVE-2026-45499 Azure OpenAI Elevation of Privilege Vulnerability
→ No new info (linked only)
CVSS 3.19.9 CRITICAL
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CISA KEV❌ No
Actively exploited❌ No
Patch available
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45499
CWECWE-918
PublishedJul 2, 2026
Trending Score43
Source articles3
Independent3
Info Completeness0/14
Missing: cve_id, title, description, vendor, product, versions, cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

HIGHCVE-2026-33825EXPKEV
Microsoft Defender Elevation of Privilege Vulnerability
Trending: 133
HIGHCVE-2026-45659EXPKEV
Microsoft SharePoint Remote Code Execution Vulnerability
Trending: 128
HIGHCVE-2026-58287EXP
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Trending: 57
HIGHCVE-2026-58284EXP
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Trending: 57
HIGHCVE-2026-50521EXP
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Trending: 53

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 2, 2026
Discovered by ZDM
Jul 2, 2026
Patch Available
Jul 3, 2026