CVE Catalog

CVE-2026-26145

MediumCVSS 4.8
Published: Translated: NVD NIST

Summary

An improper access control vulnerability in Azure Synapse allows an authorized attacker to elevate privileges over a network. The issue affects authorization mechanisms in Microsoft's analytics service.

Risk Assessment

An authorized attacker could gain elevated privileges, potentially taking control of resources or data within the Azure Synapse environment, posing a serious risk to data confidentiality and integrity.

Recommendation

Apply security updates provided by Microsoft for Azure Synapse immediately and review access control configurations to mitigate the risk of privilege escalation.

Original NVD description (English source)

Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS