CVE Catalog
CVE-2026-40379
CriticalSummary
Azure Entra ID has an exposure of sensitive information that allows an unauthorized attacker to perform spoofing over a network.
Risk Assessment
The organization may be vulnerable to attacks that could lead to data theft or compromise of system integrity.
Recommendation
It is recommended to implement additional security measures such as access monitoring and security audits to minimize risk.
Original NVD description (English source)
Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network.

