Microsoft Azure Machine Learning
9 CVEs affecting Microsoft Azure Machine Learning. Latest disclosed: 2026-05-12. Critical: 3, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-49746 | Critical | 9.9 | 2025-07-18 | Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. |
CVE-2025-49747 | Critical | 9.9 | 2025-07-18 | Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. |
CVE-2025-30390 | Critical | 9.9 | 2025-04-30 | Improper authorization in Azure allows an authorized attacker to elevate privileges over a network. |
CVE-2026-32207 | High | 8.8 | 2026-05-07 | Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoof… |
CVE-2026-33833 | High | 8.2 | 2026-05-12 | Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to… |
CVE-2025-47995 | Medium | 6.5 | 2025-07-18 | Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. |
CVE-2023-28312 | Medium | 6.5 | 2023-04-11 | Azure Machine Learning Information Disclosure Vulnerability |
CVE-2023-23382 | Medium | 6.5 | 2023-02-14 | Azure Machine Learning Compute Instance Information Disclosure Vulnerability |
CVE-2023-35625 | Medium | 4.7 | 2023-12-12 | Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability |