CVSS 10.0CVSS 10.0 · CRITICAL
CVE-2026-42826
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.
Ver en NVDAnálisis
A critical vulnerability in Azure DevOps (CVSS 10.0) allows unauthorized network actors to access sensitive information. This could potentially lead to the exposure of private source code, environment secrets, or internal development data.
Severidad
Puntaje: 10.0(CRITICAL)
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HAV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: CHANGED
C: HIGH
I: HIGH
A: HIGH
Tipo de falla (CWE):
CWE-200EPSS
Sin puntaje EPSS aún (CVE muy reciente).
Descripción técnica
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.
Publicada: 7/5/2026, 22:16:35
Última modificación: 7/5/2026, 22:16:35