Aci Confidential Containers
CVE-2026-26122
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
Initialization of a resource with an insecure default in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
AnalysisAI
Unauthorized information disclosure in Azure Compute Gallery occurs due to insecure default initialization settings that authenticated users can exploit to access sensitive data remotely. An authorized attacker can leverage this vulnerability to read confidential information without requiring user interaction. No patch is currently available for Microsoft products and ACI Confidential Containers.
Technical ContextAI
Initialization of a resource with an insecure default in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
More in Aci Confidential Containers
View all'.../...//' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally. [CVSS 6.7 MEDIUM]
Privilege escalation in Azure Compute Gallery's regex validation enables high-privileged local users to gain unauthorize
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today