Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3225 articles · 170368 vulns · 37/41 feeds (7d)
← Back to list
9.9
CVE-2026-45499PATCHED
microsoft · azure open ai

Azure OpenAI Elevation of Privilege Vulnerability

Description

Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

Affected Products

VendorProductVersions
microsoftazure open ai-

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
microsoftazurecert_advisory90%
microsoftentracert_advisory90%

References

  • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45499(vendor-advisory, patch)

Related News (3 articles)

Tier B
BSI Advisories12h ago
[NEU] [hoch] Microsoft Azure und Entra: Mehrere Schwachstellen ermöglichen Privilegieneskalation
→ No new info (linked only)
Tier C
VulDB15h ago
CVE-2026-45499 | Microsoft Azure Open AI server-side request forgery
→ No new info (linked only)
Tier A
Microsoft MSRC1d ago
CVE-2026-45499 Azure OpenAI Elevation of Privilege Vulnerability
→ No new info (linked only)
CVSS 3.19.9 CRITICAL
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CISA KEV❌ No
Actively exploited❌ No
Patch available
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45499
CWECWE-918
PublishedJul 2, 2026
Trending Score43
Source articles3
Independent3
Info Completeness0/14
Missing: cve_id, title, description, vendor, product, versions, cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

HIGHCVE-2026-33825EXPKEV
Microsoft Defender Elevation of Privilege Vulnerability
Trending: 135
HIGHCVE-2026-45659EXPKEV
Microsoft SharePoint Remote Code Execution Vulnerability
Trending: 130
HIGHCVE-2026-50521EXP
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Trending: 53
CRITICALCVE-2026-54998
Microsoft Exchange Online Elevation of Privilege Vulnerability
Trending: 44
CRITICALCVE-2026-26145
Microsoft Azure Synapse Elevation of Privilege Vulnerability
Trending: 43

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 2, 2026
Patch Available
Jul 2, 2026
Discovered by ZDM
Jul 2, 2026