Microsoft Azure Monitor

13 CVEs affecting Microsoft Azure Monitor. Latest disclosed: 2026-05-12. Critical: 1, High: 12.

Top CVEs affecting Microsoft Azure Monitor
CVE	Severity	Score	Published	Summary
`CVE-2025-55321`	Critical	`9.3`	2025-10-09	Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an unauthorized attacker to perform spoofing over…
`CVE-2025-62550`	High	`8.8`	2025-12-09	Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network.
`CVE-2024-29989`	High	`8.4`	2024-04-09	Azure Monitor Agent Elevation of Privilege Vulnerability
`CVE-2026-32204`	High	`7.8`	2026-05-12	External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
`CVE-2026-32192`	High	`7.8`	2026-04-14	Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
`CVE-2026-32168`	High	`7.8`	2026-04-14	Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
`CVE-2025-59494`	High	`7.8`	2025-10-14	Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
`CVE-2024-30060`	High	`7.8`	2024-05-16	Azure Monitor Agent Elevation of Privilege Vulnerability
`CVE-2025-47988`	High	`7.5`	2025-07-08	Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.
`CVE-2025-59504`	High	`7.3`	2025-11-11	Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally.
`CVE-2024-38097`	High	`7.1`	2024-10-08	Azure Monitor Agent Elevation of Privilege Vulnerability
`CVE-2024-35254`	High	`7.1`	2024-06-11	Azure Monitor Agent Elevation of Privilege Vulnerability
`CVE-2025-59285`	High	`7.0`	2025-10-14	Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.