CVE-2026-32171 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-32171 PUBLISHED CVSS 8.800000190734863 HIGH

Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected Products

Vendor	Product	Versions
microsoft	azure_logic_apps	-
Microsoft	Azure Logic Apps	-

Timeline

Apr 14, 2026 CVE Published
Apr 14, 2026 PoC Published
Apr 14, 2026 PoC Published
Apr 15, 2026 Security Advisory
Apr 15, 2026 Security Advisory
May 5, 2026 Security Advisory

References

Azure Logic Apps Elevation of Privilege Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-32171 advisory

Open in Interactive Console →