CVE-2026-33821
CRITICAL WAF: Low
CVSS 9.9
Published: 2026-05-12
CWE-269
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network.
WAF Coverage Analysis
Improper Privilege Management
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| microsoft | dynamics_365_customer_insights | - |
References
- msrc.microsoft.com (Vendor Advisory)