HarborGuard / CVE
Back to search
HIGHCVE-2026-26148Published Modified CNA microsoft

CVE-2026-26148: Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability

External initialization of trusted variables or data stores in Azure Entra ID allows an unauthorized attacker to elevate privileges locally.

Metrics

CVSS v3.1
8.1
Severity
HIGH
Fixed in
1.0.033370002
Affected Products
1

Fix available

1.0.033370002
Patch commits
Affected packages
  • Microsoft / Microsoft Azure AD SSH Login extension for Linux
    < 1.0.033370002 (from 1.0.0)
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
References