What is the CVSS score of CVE-2026-40417?

CVE-2026-40417 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Is there a patch available for CVE-2026-40417?

Yes, a patch is available for CVE-2026-40417. Update the affected software to the latest version immediately.

Dynamics Business Central CVE-2026-40417

EUVD-2026-29674 HIGH

Weak Authentication (CWE-1390)

2026-05-12 microsoft

GHSA-x37p-2fc6-57xh

Information Disclosure

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

CVE Published

May 12, 2026 - 16:58 nvd

HIGH 7.8

DescriptionNVD

Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally.

Analysis

Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-40417 vulnerability details – vuln.today

Back

Dynamics Business Central CVE-2026-40417

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Full analysis requires sign-in

Share

External POC / Exploit Code