CVE-2026-41615

CRITICAL

Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.

CVSS v3.1 Score

9.6

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Complexity

LOW

Privileges

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Published: 5/14/2026Modified: 5/15/2026

Related Intelligence (1)

CRITICALVulnerability

NVD CRITICAL: CVE-2026-41615 — Exposure of sensitive information to an unauthorized actor in Microsoft Authenti...

Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.

CVE-2026-41615

4d agoNIST NVD

References (1)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41615Vendor Advisory