CVE-2026-32210 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-32210 PUBLISHED CVSS 9.300000190734863 CRITICAL

Server-side request forgery (ssrf) in Microsoft Dynamics 365 (Online) allows an unauthorized attacker to perform spoofing over a network.

Risk Scores

CVSS v3.1

9.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C

Affected Products

Vendor	Product	Versions
microsoft	dynamics_365_online	-
Microsoft	Microsoft Dynamics 365 (online)	-

Timeline

Apr 14, 2026 CVE Published
Apr 23, 2026 CVE Updated
Apr 24, 2026 Security Advisory
Apr 24, 2026 Security Advisory
May 5, 2026 Security Advisory

References

Microsoft Dynamics 365 (online) Spoofing Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-32210 advisory

Open in Interactive Console →