CVE-2026-40374

Description

Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network.

References

• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40374