← Back to Tracker
critical AI Issue

Azure MCP Server Missing Authentication

CVECVE-2026-32211
Severitycritical
Statusopen
DateFebruary 15, 2026
AffectsMicrosoft Azure MCP Server
Sourcewindowsnews.ai

Details

CVSS 9.1. Missing authentication mechanisms allow unauthorized access to sensitive data. Part of 30+ MCP CVEs filed in January-February 2026 as the protocol saw rapid adoption without adequate security review.

Read full advisory →