CVE-2026-33105 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-33105 PUBLISHED CVSS 10 CRITICAL

Reported by microsoft · Published April 2, 2026

Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.

Risk Scores

CVSS v3.1

10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected Products

Vendor	Product	Versions
Microsoft	Azure Kubernetes Service	-
microsoft	azure_kubernetes_service	-
Microsoft	Azure Kubernetes Service	-

Timeline

Apr 2, 2026 CVE Updated
Apr 2, 2026 CVE Published
Apr 3, 2026 Security Advisory
May 5, 2026 Security Advisory

References

Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability vendor-advisorypatch

Open in Interactive Console →