Vulnerability-Lookup

CVE-2026-26123 (GCVE-0-2026-26123)

Vulnerability from cvelistv5 – Published: 2026-03-10 19:01 – Updated: 2026-03-12 16:51

Title

Microsoft Authenticator Information Disclosure Vulnerability

Summary

Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

CWE

CWE-939 - Improper Authorization in Handler for Custom URL Scheme

Assigner

microsoft

References

URL

WID-SEC-W-2026-0656

Vulnerability from csaf_certbund - Published: 2026-03-10 23:00 - Updated: 2026-03-10 23:00

Summary

Microsoft Authenticator App: Schwachstelle ermöglicht Offenlegung von Informationen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Microsoft bietet in der Apps-Produktfamilie zahlreiche Anwendungen für mobile Endgeräte an.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in der Microsoft Authenticator App ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Microsoft bietet in der Apps-Produktfamilie zahlreiche Anwendungen  f\u00fcr mobile Endger\u00e4te an.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in der Microsoft Authenticator App ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0656 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0656.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0656 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0656"
      },
      {
        "category": "external",
        "summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
        "url": "https://msrc.microsoft.com/update-guide/"
      }
    ],
    "source_lang": "en-US",
    "title": "Microsoft Authenticator App: Schwachstelle erm\u00f6glicht Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2026-03-10T23:00:00.000+00:00",
      "generator": {
        "date": "2026-03-11T07:16:42.813+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0656",
      "initial_release_date": "2026-03-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Authenticator",
                "product": {
                  "name": "Microsoft Apps Authenticator",
                  "product_id": "T051524",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:apps:authenticator"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Apps"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-26123",
      "product_status": {
        "known_affected": [
          "T051524"
        ]
      },
      "release_date": "2026-03-10T23:00:00.000+00:00",
      "title": "CVE-2026-26123"
    }
  ]
}

MSRC_CVE-2026-26123

Vulnerability from csaf_microsoft - Published: 2026-03-10 07:00 - Updated: 2026-03-10 07:00

Summary

Microsoft Authenticator Information Disclosure Vulnerability

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Customer Action

Required. The vulnerability documented by this CVE requires customer action to resolve.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "\u003ca href=\"https://linkedin.com/in/khaledsec\"\u003eKhaled Mohamed\u003c/a\u003e"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      },
      {
        "category": "general",
        "text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
        "title": "Customer Action"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2026-26123 Microsoft Authenticator Information Disclosure Vulnerability - HTML",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26123"
      },
      {
        "category": "self",
        "summary": "CVE-2026-26123 Microsoft Authenticator Information Disclosure Vulnerability - CSAF",
        "url": "https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-26123.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Exploitability Index",
        "url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Microsoft Authenticator Information Disclosure Vulnerability",
    "tracking": {
      "current_release_date": "2026-03-10T07:00:00.000Z",
      "generator": {
        "date": "2026-03-10T17:04:32.315Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2026-26123",
      "initial_release_date": "2026-03-10T07:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-03-10T07:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c6.2511.7533",
            "product": {
              "name": "Microsoft Authenticator for Android \u003c6.2511.7533",
              "product_id": "2"
            }
          },
          {
            "category": "product_version",
            "name": "6.2511.7533",
            "product": {
              "name": "Microsoft Authenticator for Android 6.2511.7533",
              "product_id": "12289"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Authenticator for Android"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c6.8.40",
            "product": {
              "name": "Microsoft Authenticator for IOS \u003c6.8.40",
              "product_id": "1"
            }
          },
          {
            "category": "product_version",
            "name": "6.8.40",
            "product": {
              "name": "Microsoft Authenticator for IOS 6.8.40",
              "product_id": "20927"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Authenticator for IOS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-26123",
      "cwe": {
        "id": "CWE-939",
        "name": "Improper Authorization in Handler for Custom URL Scheme"
      },
      "notes": [
        {
          "category": "general",
          "text": "Microsoft",
          "title": "Assigning CNA"
        },
        {
          "category": "faq",
          "text": "User interaction is required because the user must have a malicious application installed on their device and then accidentally select that application as the handler for the sign\u2011in deep link. This can occur when the user scans a QR code or taps a sign\u2011in link and chooses the malicious app instead of Microsoft Authenticator, causing the sign\u2011in flow to be handled by the attacker\u2011controlled app.",
          "title": "According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?"
        },
        {
          "category": "faq",
          "text": "This vulnerability could result in disclosure of a one\u2011time sign\u2011in code or authentication deep link if the user selects a malicious application as the handler. The malicious app would receive the sign\u2011in information and could potentially use it to authenticate as the user, allowing access to information or services available to that account.",
          "title": "What type of information could be disclosed by this vulnerability?"
        }
      ],
      "product_status": {
        "fixed": [
          "12289",
          "20927"
        ],
        "known_affected": [
          "1",
          "2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-26123 Microsoft Authenticator Information Disclosure Vulnerability - HTML",
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26123"
        },
        {
          "category": "self",
          "summary": "CVE-2026-26123 Microsoft Authenticator Information Disclosure Vulnerability - CSAF",
          "url": "https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-26123.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-03-10T07:00:00.000Z",
          "details": "6.2511.7533:Security Update:https://play.google.com/store/apps/details?id=com.azure.authenticator\u0026hl=en_US",
          "product_ids": [
            "2"
          ],
          "url": "https://play.google.com/store/apps/details?id=com.azure.authenticator\u0026hl=en_US"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-10T07:00:00.000Z",
          "details": "6.8.40:Security Update:https://apps.apple.com/us/app/microsoft-authenticator/id983156458",
          "product_ids": [
            "1"
          ],
          "url": "https://apps.apple.com/us/app/microsoft-authenticator/id983156458"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalsScore": 0.0,
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 4.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Information Disclosure"
        },
        {
          "category": "exploit_status",
          "details": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely"
        }
      ],
      "title": "Microsoft Authenticator Information Disclosure Vulnerability"
    }
  ]
}

FKIE_CVE-2026-26123

Vulnerability from fkie_nvd - Published: 2026-03-10 20:16 - Updated: 2026-03-11 13:53

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Summary

Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.

References

	URL	Tags
	secure@microsoft.com	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26123

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally."
    },
    {
      "lang": "es",
      "value": "Cwe no est\u00e1 en las categor\u00edas rca en Microsoft Authenticator permite a un atacante no autorizado divulgar informaci\u00f3n localmente."
    }
  ],
  "id": "CVE-2026-26123",
  "lastModified": "2026-03-11T13:53:20.707",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "secure@microsoft.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-03-10T20:16:34.597",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26123"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-939"
        }
      ],
      "source": "secure@microsoft.com",
      "type": "Primary"
    }
  ]
}

NCSC-2026-0083

Vulnerability from csaf_ncscnl - Published: 2026-03-10 20:18 - Updated: 2026-03-10 20:18

Summary

Kwetsbaarheid verholpen in Microsoft Authenticator app

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Microsoft heeft een kwetsbaarheid verholpen in de Authenticator app voor Android en iOS.

Interpretaties

Een kwaadwillende kan de kwetsbaarheid misbruiken om toegang te krijgen tot gevoelige gegevens. Voor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide app te installeren. Deze app kan dan worden misbruikt om de sign-in van het slachtoffer af te vangen in een Man-in-the-Middle-aanval, om zo toegang te krijgen tot het sign-in proces van het slachtoffer en daarmee toegang te krijgen tot de systemen waar het slachtoffer op inlogt. Omdat succesvol misbruik afhankelijk is van diverse stappen en social-engineering is grootschalig misbruik niet waarschijnlijk, maar kan worden verwacht in gerichte aanvallen door technisch hoogwaardige actoren.

Oplossingen

Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op: https://portal.msrc.microsoft.com/en-us/security-guidance

Kans

medium

Schade

high

CWE-939

Improper Authorization in Handler for Custom URL Scheme

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Microsoft heeft een kwetsbaarheid verholpen in de Authenticator app voor Android en iOS.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheid misbruiken om toegang te krijgen tot gevoelige gegevens.\n\nVoor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide app te installeren. Deze app kan dan worden misbruikt om de sign-in van het slachtoffer af te vangen in een Man-in-the-Middle-aanval, om zo toegang te krijgen tot het sign-in proces van het slachtoffer en daarmee toegang te krijgen tot de systemen waar het slachtoffer op inlogt.\nOmdat succesvol misbruik afhankelijk is van diverse stappen en social-engineering is grootschalig misbruik niet waarschijnlijk, maar kan worden verwacht in gerichte aanvallen door technisch hoogwaardige actoren.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Authorization in Handler for Custom URL Scheme",
        "title": "CWE-939"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "title": "Kwetsbaarheid verholpen in Microsoft Authenticator app",
    "tracking": {
      "current_release_date": "2026-03-10T20:18:35.792755Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0083",
      "initial_release_date": "2026-03-10T20:18:35.792755Z",
      "revision_history": [
        {
          "date": "2026-03-10T20:18:35.792755Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Authenticator for Android"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Authenticator for IOS"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-26123",
      "cwe": {
        "id": "CWE-939",
        "name": "Improper Authorization in Handler for Custom URL Scheme"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authorization in Handler for Custom URL Scheme",
          "title": "CWE-939"
        },
        {
          "category": "description",
          "text": "Microsoft Authenticator contains a vulnerability that permits unauthorized local information disclosure, which is not categorized under root cause analysis (RCA).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-26123 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-26123.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2026-26123"
    }
  ]
}

CERTFR-2026-AVI-0274

Vulnerability from certfr_avis - Published: 2026-03-11 - Updated: 2026-03-11

De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	N/A	azl3 freetype 2.13.2-1 versions antérieures à 2.13.2-2
Microsoft	N/A	Microsoft Semantic Kernel Python SDK versions antérieures à 1.39.4
Microsoft	N/A	Microsoft SQL Server 2025 pour systèmes x64 (CU2) versions antérieures à 17.0.4020.2
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 3 (GDR) versions antérieures à 13.0.6480.4
Microsoft	N/A	Microsoft SQL Server 2017 pour systèmes x64 (GDR) versions antérieures à 14.0.2100.4
Microsoft	N/A	Microsoft SQL Server 2017 pour systèmes x64 (CU 31) versions antérieures à 14.0.3520.4
Microsoft	N/A	Microsoft Authenticator pour Android versions antérieures à 6.2511.7533
Microsoft	N/A	Microsoft SharePoint Enterprise Server 2016 versions antérieures à 16.0.5543.1000
Microsoft	N/A	Microsoft SharePoint Server 2019 versions antérieures à 16.0.10417.20102
Microsoft	N/A	Microsoft SQL Server 2022 pour systèmes x64 (CU 23) versions antérieures à 16.0.4240.4
Microsoft	N/A	Microsoft SharePoint Server Subscription Edition versions antérieures à 16.0.19725.20076
Microsoft	N/A	System Center Operations Manager 2022 versions antérieures à 10.22.11951.0
Microsoft	N/A	cbl2 freetype 2.13.1-1 versions antérieures à 2.13.1-2
Microsoft	N/A	Microsoft Authenticator pour IOS versions antérieures à 6.8.40
Microsoft	N/A	Microsoft.Bcl.Memory 9.0 versions antérieures à 9.0.14
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 3 Azure Connect Feature Pack versions antérieures à 13.0.7075.5
Microsoft	N/A	Microsoft SQL Server 2019 pour systèmes x64 (CU 32) versions antérieures à 15.0.4460.4
Microsoft	N/A	Microsoft.Bcl.Memory 10.0 versions antérieures à 10.0.4
Microsoft	N/A	Microsoft SQL Server 2022 pour systèmes x64 (GDR) versions antérieures à 16.0.1170.5
Microsoft	N/A	Microsoft SQL Server 2019 pour systèmes x64 (GDR) versions antérieures à 16.0.1170.5
Microsoft	N/A	Microsoft SQL Server 2025 pour systèmes x64 (GDR) versions antérieures à 17.0.1105.2
Microsoft	N/A	System Center Operations Manager 2025 versions antérieures à 10.25.10377.0
Microsoft	N/A	GitHub Repo: Zero Shot scFoundation versions antérieures à 0.1.1
Microsoft	N/A	System Center Operations Manager 2019 versions antérieures à 10.19.10658.0

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2026-26114	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-26106	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23865	2026-03-04	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-26105	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-26127	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-26030	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-20967	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-26113	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23654	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-21262	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-26123	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-26115	2026-03-10	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-26116	2026-03-10	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "azl3 freetype 2.13.2-1 versions ant\u00e9rieures \u00e0 2.13.2-2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Semantic Kernel Python SDK versions ant\u00e9rieures \u00e0 1.39.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2025 pour syst\u00e8mes x64 (CU2) versions ant\u00e9rieures \u00e0 17.0.4020.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 3 (GDR) versions ant\u00e9rieures \u00e0 13.0.6480.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2017 pour syst\u00e8mes x64 (GDR) versions ant\u00e9rieures \u00e0 14.0.2100.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2017 pour syst\u00e8mes x64 (CU 31) versions ant\u00e9rieures \u00e0 14.0.3520.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Authenticator pour Android versions ant\u00e9rieures \u00e0 6.2511.7533",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SharePoint Enterprise Server 2016 versions ant\u00e9rieures \u00e0 16.0.5543.1000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SharePoint Server 2019 versions ant\u00e9rieures \u00e0 16.0.10417.20102",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2022 pour syst\u00e8mes x64 (CU 23) versions ant\u00e9rieures \u00e0 16.0.4240.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SharePoint Server Subscription Edition versions ant\u00e9rieures \u00e0 16.0.19725.20076",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "System Center Operations Manager 2022 versions ant\u00e9rieures \u00e0 10.22.11951.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "cbl2 freetype 2.13.1-1 versions ant\u00e9rieures \u00e0 2.13.1-2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Authenticator pour IOS versions ant\u00e9rieures \u00e0 6.8.40",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft.Bcl.Memory 9.0 versions ant\u00e9rieures \u00e0 9.0.14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 3 Azure Connect Feature Pack versions ant\u00e9rieures \u00e0 13.0.7075.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2019 pour syst\u00e8mes x64 (CU 32) versions ant\u00e9rieures \u00e0 15.0.4460.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft.Bcl.Memory 10.0 versions ant\u00e9rieures \u00e0 10.0.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2022 pour syst\u00e8mes x64 (GDR) versions ant\u00e9rieures \u00e0 16.0.1170.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2019 pour syst\u00e8mes x64 (GDR) versions ant\u00e9rieures \u00e0 16.0.1170.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2025 pour syst\u00e8mes x64 (GDR) versions ant\u00e9rieures \u00e0 17.0.1105.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "System Center Operations Manager 2025 versions ant\u00e9rieures \u00e0 10.25.10377.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "GitHub Repo: Zero Shot scFoundation versions ant\u00e9rieures \u00e0 0.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "System Center Operations Manager 2019 versions ant\u00e9rieures \u00e0 10.19.10658.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-26123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26123"
    },
    {
      "name": "CVE-2026-26106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26106"
    },
    {
      "name": "CVE-2026-26114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26114"
    },
    {
      "name": "CVE-2026-26127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26127"
    },
    {
      "name": "CVE-2026-23865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23865"
    },
    {
      "name": "CVE-2026-26030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26030"
    },
    {
      "name": "CVE-2026-21262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21262"
    },
    {
      "name": "CVE-2026-26115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26115"
    },
    {
      "name": "CVE-2026-23654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23654"
    },
    {
      "name": "CVE-2026-20967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20967"
    },
    {
      "name": "CVE-2026-26116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26116"
    },
    {
      "name": "CVE-2026-26105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26105"
    },
    {
      "name": "CVE-2026-26113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26113"
    }
  ],
  "initial_release_date": "2026-03-11T00:00:00",
  "last_revision_date": "2026-03-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0274",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26114",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26114"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26106",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26106"
    },
    {
      "published_at": "2026-03-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23865",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23865"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26105",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26105"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26127",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26030",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26030"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-20967",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20967"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26113",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26113"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23654",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23654"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-21262",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21262"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26123",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26123"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26115",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26115"
    },
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26116",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26116"
    }
  ]
}

GHSA-5MF6-5MJF-6V7R

Vulnerability from github – Published: 2026-03-10 21:32 – Updated: 2026-03-10 21:32

Details

Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-26123"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-939"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-10T20:16:34Z",
    "severity": "MODERATE"
  },
  "details": "Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.",
  "id": "GHSA-5mf6-5mjf-6v7r",
  "modified": "2026-03-10T21:32:17Z",
  "published": "2026-03-10T21:32:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26123"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26123"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-26123 (GCVE-0-2026-26123)

WID-SEC-W-2026-0656

MSRC_CVE-2026-26123

FKIE_CVE-2026-26123

NCSC-2026-0083

CERTFR-2026-AVI-0274

Solutions

GHSA-5MF6-5MJF-6V7R

Tags

Sightings

Nomenclature