CVE-2026-33821

HIGH

Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network.

CVSS v3.1 Score

7.7
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
Attack Vector
NETWORK
Complexity
LOW
Privileges
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
NONE
Published: 5/12/2026Modified: 5/15/2026

Related Intelligence (2)

CRITICALAi

Patch Tuesday - May 2026

Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday . Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are not included in the Patch Tuesday count above. Windows Netlogon: critical RCE Anyone responsible for securing a domain con

CVE-2026-41089CVE-2020-1472
Rapid7
CRITICALVulnerability

NVD CRITICAL: CVE-2026-33821 — Improper privilege management in Microsoft Dynamics 365 Customer Insights allows...

Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network.

CVE-2026-33821
NIST NVD

References (1)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33821Vendor Advisory