CVE-2026-21524 — Vulnetix

CVE-2026-21524 PUBLISHED CVSS 7.400000095367432 HIGH

Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network.

EPSS 0.16% · 37.0th percentile

Risk Scores

CVSS v3.1

7.400000095367432

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C

EPSS Score

0.16%

37.0th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Azure Data Explorer	-, -
microsoft	azure_data_explorer	-, -

Timeline

Jan 13, 2026 CVE Published
Jan 23, 2026 EPSS Score
Jan 23, 2026 PoC Published
Jan 23, 2026 PoC Published
Jan 26, 2026 EPSS Score
Jan 28, 2026 EPSS Score
Jan 31, 2026 EPSS Score
Feb 2, 2026 EPSS Score
Feb 3, 2026 CVE Updated
Feb 5, 2026 EPSS Score
Feb 8, 2026 EPSS Score
Feb 10, 2026 EPSS Score

References

Azure Data Explorer Information Disclosure Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-21524 advisory

Open in Interactive Console →