Vulnerability Details CVE-2026-21227
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.0%
CVSS Severity
CVSS v3 Score 8.2
Products affected by CVE-2026-21227
-
cpe:2.3:a:microsoft:azure_logic_apps:-