M365 Change Tracker

← All changes · security · CVE-2026-40379

CVE-2026-40379CriticalMonitor

Azure Entra ID Spoofing Vulnerability

Severity Critical  ·  Urgency Monitor

Why it matters: Critical severity (CVSS 9.3)

Spoofing · Critical · CVSS 9.3. Affects: Microsoft Entra ID.

CVSS 9.3EPSS 0.9%Update published 2026-06-23Source updated 2026-06-23NVD

Affected: Microsoft Entra ID

Change history

2026-06-23 · First seen

View at Microsoft →