CVE-2026-35431

CRITICAL NVD

CVSS Score 10

Severity CRITICAL

Published Apr 23, 2026

Vendor unknown

Description

Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.