CVE Catalog

CVE-2026-45499

CriticalCVSS 9.9
Published: Translated: NVD NIST

Summary

A Server-Side Request Forgery (SSRF) vulnerability in Azure OpenAI allows an authorized attacker to escalate privileges over a network.

Risk Assessment

An attacker could exploit this vulnerability to send requests to internal network resources, potentially leading to unauthorized data access or further infrastructure compromise.

Recommendation

Apply security updates provided by Microsoft for Azure OpenAI immediately and review network configurations to mitigate SSRF risks.

Original NVD description (English source)

Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS