{"vulnerability": "cve-2026-57100", "sightings": [{"uuid": "4848b648-d39b-4fdd-988f-8076bce7eb8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpp6lykss62a", "content": "CVE-2026-57100 - Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability\nCVE ID : CVE-2026-57100\n \n Published : July 2, 2026, 10:18 p.m. | 54\u00a0minutes ago\n \n Description : None\n \n Severity: 9.9 | CRITICAL\n \n Visit the link for more details, such as CVSS detail...", "creation_timestamp": "2026-07-02T23:26:41.151238Z"}, {"uuid": "c6837542-0ab4-4b55-965e-af33dbbb5b62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mppaj3qatw2b", "content": "\ud83d\udd34 CVE-2026-57100 - Critical (9.9)\n\nServer-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-57100/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-03T00:00:52.278730Z"}, {"uuid": "cc2b5241-b7c0-4046-ac85-0c23ff38d1cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpr4naae3f2k", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-57100: Server-Side Request Forgery (SSRF) \u0432 Microsoft Entra Provisioning Service\n\n\n\nhttps://kripta.biz/posts/C9A66A05-8989-4580-A492-ED42711214E5", "creation_timestamp": "2026-07-03T17:56:54.776314Z"}, {"uuid": "350f2fab-b26c-4562-aa2c-fd3e315b054c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mpr7qbbybk2k", "content": "CVE-2026-57100: Microsoft Entra Provisioning Service Vulnerability Demands Immediate Attention #CVE202657100 #MicrosoftEntra #CyberSecurity", "creation_timestamp": "2026-07-03T18:52:19.130130Z"}, {"uuid": "2cda16c2-28da-49a1-a45c-4007050890c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mpr7s4wa4o27", "content": "CVE-2026-57100: Microsoft's Quiet Admission Leaves Organizations Vulnerable #CVE202657100 #MicrosoftSecurity #CyberSecurity", "creation_timestamp": "2026-07-03T18:53:21.009839Z"}, {"uuid": "992c4db6-ce27-4e5b-9f6c-a902bfca4362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mpr7s6y76u2w", "content": "CVE-2026-57100: Microsoft's Undisclosed Risk in Entra Provisioning Service #CVE202657100 #MicrosoftSecurity #EntraProvisioning", "creation_timestamp": "2026-07-03T18:53:22.996451Z"}, {"uuid": "3f30a2bc-0bb1-4a6a-b26b-de5e455d6fec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mpr7saxozw24", "content": "CVE-2026-57100: Microsoft Entra's Unsubstantiated Elevation of Privilege Claims #CVE2026 #MicrosoftEntra #CyberSecurity", "creation_timestamp": "2026-07-03T18:53:25.006039Z"}, {"uuid": "a302ba94-9a41-44a6-ab06-da518dcced23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mpr7scu3nh2q", "content": "CVE-2026-57100: Are Microsoft Entra Privilege Risks Understated? #CVE202657100 #MicrosoftEntra #CyberSecurity", "creation_timestamp": "2026-07-03T18:53:26.908963Z"}, {"uuid": "72ec0cbe-eeea-4e14-8cf1-4106d3f76051", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mprk4jiqdc2r", "content": "CVE-2026-57100 - microsoft entra provisioning service\nAn authorized attacker can use a Microsoft Entra Provisioning Service (SyncFabric) to gain extra access to a network. This is a concern because it allows an\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#microsoft #CVE #infosec", "creation_timestamp": "2026-07-03T21:58:07.502669Z"}, {"uuid": "42acf467-5e72-4ced-a254-242313f0f067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mq6keff6lp25", "content": "\ud83d\udccc CVE-2026-57100 - Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a net... https://www.cyberhub.blog/cves/CVE-2026-57100", "creation_timestamp": "2026-07-09T02:07:07.593668Z"}, {"uuid": "63c018bc-3692-45e0-b76d-1af08bdc5bce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-57100", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0233", "content": "Microsoft heeft kwetsbaarheden verholpen in diverse Azure componenten. Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, beveiligingsmaatregelen te omzeilen of zich verhoogde rechten toe te kennen en zo mogelijk toegang te krijgen tot gegevens waartoe de kwaadwillende aanvankelijk niet is geautoriseerd.\n\nDe ernstigste kwetsbaarheden bevonden zich in de OpenAI agent en Entra provisioning. Deze kwetsbaarheden zijn echter door Microsoft centraal reeds verholpen en slechts opgenomen ter informatie. Er zijn voor deze kwetsbaarheden geen acties vereist.\n\n```\nAzure CycleCloud: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-57969 | 8.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-58279 | 6.50 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nMicrosoft Entra Provisioning Service (SyncFabric): \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-57100 | 9.90 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Monitor Agent: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-47632 | 8.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Spring Apps: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-50338 | 8.20 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Active Directory: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-50652 | 7.50 | Denial-of-Service                   | \n| CVE-2026-50653 | 7.50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nAzure OpenAI: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-45499 | 9.90 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Synapse: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-26145 | 4.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n```", "creation_timestamp": "2026-07-14T19:01:02.476678Z"}]}