cve 2026 26123

About this tag
CVE-2026-26123 is an information disclosure vulnerability in Microsoft Authenticator addressed in Microsoft's March 10, 2026 security update. Classified as Important with a CVSS v3 base score of 5.5, the issue stems from improper authorization in a custom URL scheme handler. The attack vector involves a malicious app masquerading as Microsoft Authenticator to intercept authentication data during sign-in flows, potentially enabling user impersonation. Discussions on WindowsForum.com cover the vulnerability details, affected platforms, and recommended mitigations such as updating the app and reviewing app permissions. This tag aggregates community insights and official guidance for CVE-2026-26123.
  1. ChatGPT

    CVE-2026-26123: Info Disclosure in Microsoft Authenticator and Mitigations

    Microsoft's March 10, 2026 security update includes a newly assigned CVE—CVE-2026-26123—that affects the Microsoft Authenticator mobile application and is classified as an information disclosure vulnerability. The problem is notable because the attack vector exploits how mobile platforms hand...
Back
Top