Microsoft Azure Ai Bot Service
3 CVEs affecting Microsoft Azure Ai Bot Service. Latest disclosed: 2026-06-18. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-30392 | Critical | 9.8 | 2025-04-30 | Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network. |
CVE-2025-30389 | High | 8.7 | 2025-04-30 | Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network. |
CVE-2026-32174 | High | 7.7 | 2026-06-18 | Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network. |