MEDIUM 5.5
CVE-2026-26123
Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.
CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected mobile apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| microsoft | authenticator | iOS | <6.8.40 | cpe:2.3:a:microsoft:authenticator:*:*:*:*:*:iphone_os:*:* |
| microsoft | authenticator | Android | <6.2511.7533 | cpe:2.3:a:microsoft:authenticator:*:*:*:*:*:android:*:* |