CVE Catalog

CVE-2026-47655

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.55%

42th percentile - higher than 42% of all known CVEs

Summary

Microsoft Graph has a vulnerability that allows an authorized attacker to disclose sensitive information to unauthorized actors over a network.

Risk Assessment

The organization may lose confidential data, leading to potential privacy and security breaches.

Recommendation

It is recommended to review and strengthen access controls for Microsoft Graph to minimize the risk of information disclosure.

Original NVD description (English source)

Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS