CVE-2026-32193NVD

Vulnerability Summary

Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure Kubernetes Service allows an authorized attacker to execute code locally.

Severity Level

HIGH(8.8)

Published Date

Jun 9, 2026

Last Modified

Jun 9, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.07%Probability

Root Weakness (CWE)

CWE-22: Path Traversal ↗

The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory.

CVSS v3.1 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredLow

User InteractionNone

ScopeChanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

External References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32193

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2026-32193NVD

Vulnerability Summary

External References