Microsoft Azure Logic Apps
4 CVEs affecting Microsoft Azure Logic Apps. Latest disclosed: 2026-05-12. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-42823 | Critical | 9.9 | 2026-05-12 | Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network. |
CVE-2023-36019 | Critical | 9.6 | 2023-12-12 | Microsoft Power Platform Connector Spoofing Vulnerability |
CVE-2026-32171 | High | 8.8 | 2026-04-14 | Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network. |
CVE-2026-21227 | High | 8.2 | 2026-01-22 | Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a… |