Skip to main content

Azure Cyclecloud 8 9 1

2 CVEs product

Monthly

CVE-2026-58279 MEDIUM PATCH Exploit Unlikely This Month

Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network.

Authentication Bypass Microsoft Azure Cyclecloud 8 9 1
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2026-57969 HIGH PATCH This Week

Privilege escalation in Microsoft Azure CycleCloud 8.9.1 allows an authorized (low-privileged) attacker to gain elevated privileges over the network by reaching a critical function that lacks an authentication check (CWE-306). Reported by Microsoft with a patch available and rated CVSS 8.8; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The flaw enables full compromise of the CycleCloud instance's confidentiality, integrity, and availability, making it a high-priority patch for HPC-orchestration environments.

Authentication Bypass Microsoft Azure Cyclecloud 8 9 1
NVD
CVSS 3.1
8.8
EPSS
0.5%
EPSS 0% CVSS 6.5
MEDIUM PATCH Exploit Unlikely This Month

Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network.

Authentication Bypass Microsoft Azure Cyclecloud 8 9 1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in Microsoft Azure CycleCloud 8.9.1 allows an authorized (low-privileged) attacker to gain elevated privileges over the network by reaching a critical function that lacks an authentication check (CWE-306). Reported by Microsoft with a patch available and rated CVSS 8.8; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The flaw enables full compromise of the CycleCloud instance's confidentiality, integrity, and availability, making it a high-priority patch for HPC-orchestration environments.

Authentication Bypass Microsoft Azure Cyclecloud 8 9 1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy