What is the CVSS score of EUVD-2026-34333?

EUVD-2026-34333 has a CVSS 3.1 base score of 10.0 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Azure HorizonDB are affected by EUVD-2026-34333?

Microsoft Azure HorizonDB contains a critical authentication bypass vulnerability (CVSS 10.0) that allows remote, unauthenticated attackers to gain elevated access and impact confidentiality,…. A patch is available.

Azure HorizonDB EUVD-2026-34333

| CVE-2026-48567 CRITICAL

Authentication Bypass by Spoofing (CWE-290)

2026-06-04 microsoft

GHSA-xmr7-v6qh-4cp6

Authentication Bypass Microsoft

10.0

CVSS 3.1

Temporal: 8.7

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Jun 04, 2026 - 23:00 vuln.today

CVE Published

Jun 04, 2026 - 22:00 nvd

CRITICAL 10.0

DescriptionNVD

Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network.

AnalysisAI

Privilege elevation in Microsoft Azure HorizonDB allows remote unauthenticated attackers to bypass authentication via identity spoofing and gain elevated access across trust boundaries. The CVSS 10.0 score reflects network-reachable exploitation with no privileges or user interaction required, and a scope change indicating impact beyond the initially vulnerable component. …

RemediationAI

Within 24 hours: Identify all Azure HorizonDB instances in your environment and immediately apply the Microsoft-released patch available via MSRC; review access logs for suspicious activity during the unpatched window. Within 7 days: Verify patch deployment across all instances and conduct forensic analysis of authentication events for exploitation indicators. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2025-71316 CRITICAL Act Now POC

9.2 Jun 04

Arbitrary DLL loading in SQLite's sqldiff.exe utility on Windows allows attackers to achieve code execution by abusing t

CVE-2026-47429 CRITICAL Act Now

9.8 Jun 01

Arbitrary file read and remote code execution in Vitest versions prior to 4.1.0 allow remote unauthenticated attackers t

CVE-2026-10971 CRITICAL Act Now

9.6 Jun 04

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised t

CVE-2026-11047 CRITICAL Act Now

9.6 Jun 04

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised t

CVE-2026-11056 CRITICAL Act Now

9.6 Jun 04

Sandbox escape in Google Chrome on Windows prior to 149.0.7827.53 allows a remote attacker who has already compromised t

EUVD-2026-34333 vulnerability details – vuln.today

Back

Azure HorizonDB EUVD-2026-34333

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Share

External POC / Exploit Code