Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions vulnerabilities/azure-compute-gallery-insecure-default.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
title: Azure Compute Gallery Insecure Default Information Disclosure
slug: azure-compute-gallery-insecure-default
cves:
- CVE-2026-26122
affectedPlatforms:
- azure
affectedServices:
- Azure Compute Gallery
severity: medium
piercingIndexVector:
discoveredBy:
name: null
org: null
domain: null
twitter:
publishedAt: 2026/03/14
disclosedAt: 2026/03/14
exploitabilityPeriod: null
knownITWExploitation: false
summary: |
Initialization of a resource with an insecure default in Azure Compute Gallery allows an authorized attacker to disclose information over a network. The vulnerability stems from improper default configuration during resource initialization, potentially exposing VM image data to unauthorized parties.
manualRemediation: |
No customer action is required. Microsoft has patched this vulnerability server-side.
detectionMethods: null
contributor: https://github.com/vanhoangkha
references:
- https://nvd.nist.gov/vuln/detail/CVE-2026-26122
entryStatus: Finalized