Threats Tagged 'cve-2026-31957'
View all threats tagged with 'cve-2026-31957'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-31957'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-31957: CWE-1188: Insecure Default Initialization of Resource in himmelblau-idm himmelblauCVE-2026-31957 0 CVE-2026-31957 is a critical vulnerability in himmelblau versions 3. 0. 0 up to but not including 3. 1. 0, an interoperability suite for Microsoft Azure Entra ID and Intune. The issue arises when himmelblau is deployed without a configured tenant domain in its configuration file, causing authentication to be unscoped to any tenant. This allows the system to accept authentication attempts for arbitrary Entra ID domains by dynamically registering providers at runtime, which is intended only for initial or local bootstrap scenarios. In remote authentication environments, this behavior can lead to unauthorized access, compromising confidentiality, integrity, and availability. The vulnerability has a CVSS score of 10. 0, indicating critical severity, and is fixed in version 3. Join the discussion | CVE Database V5 | 03/11/2026, 19:25:21 UTC Added: 03/11/2026, 19:44:49 UTC |
Showing 1 to 1 of 1 result