CVE-2026-32173 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-32173 PUBLISHED CVSS 8.6 HIGH

Reported by microsoft · Published April 2, 2026

Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.

Risk Scores

CVSS v3.1

8.6

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C

Affected Products

Vendor	Product	Versions
Microsoft	Azure SRE Agent Gateway - SignalR Hub	-
microsoft	azure_sre_agent_gateway_signalR_hub	*
Microsoft	Azure SRE Agent Gateway - SignalR Hub	-

Timeline

Apr 2, 2026 CVE Updated
Apr 2, 2026 CVE Published
Apr 3, 2026 PoC Published
Apr 3, 2026 Security Advisory
May 5, 2026 Security Advisory

References

Azure SRE Agent Information Disclosure Vulnerability vendor-advisorypatch

Open in Interactive Console →